function symptoms_form($selected_id = "", $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0)
{
// function to return an editable form for a table records
// and fill it with data of record whose ID is $selected_id. If $selected_id
// is empty, an empty form is shown, with only an 'Add New'
// button displayed.
global $Translation;
// mm: get table permissions
$arrPerm = getTablePermissions('symptoms');
if (!$arrPerm[1] && $selected_id == "") {
return "";
}
if ($selected_id) {
// mm: check member permissions
if (!$arrPerm[2]) {
return "";
}
// mm: who is the owner?
$ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='symptoms' and pkValue='" . makeSafe($selected_id) . "'");
$ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='symptoms' and pkValue='" . makeSafe($selected_id) . "'");
if ($arrPerm[2] == 1 && getLoggedMemberID() != $ownerMemberID) {
return "";
}
if ($arrPerm[2] == 2 && getLoggedGroupID() != $ownerGroupID) {
return "";
}
// can edit?
if ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[3] == 3) {
$AllowUpdate = 1;
} else {
$AllowUpdate = 0;
}
$res = sql("select * from `symptoms` where `id`='" . makeSafe($selected_id) . "'");
$row = mysql_fetch_array($res);
} else {
}
// code for template based detail view forms
// open the detail view template
if (($_POST['dvprint_x'] != '' || $_GET['dvprint_x'] != '') && $selected_id) {
$templateCode = @implode('', @file('./templates/symptoms_templateDVP.html'));
$dvprint = true;
} else {
$templateCode = @implode('', @file('./templates/symptoms_templateDV.html'));
$dvprint = false;
}
// process form title
$templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Symptom details', $templateCode);
// unique random identifier
$rnd1 = $dvprint ? rand(1000000, 9999999) : '';
$templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode);
// process buttons
if ($arrPerm[1] && !$selected_id) {
// allow insert and no record selected?
$templateCode = str_replace('<%%INSERT_BUTTON%%>', '<input type="image" src="insert.gif" name="insert" alt="' . $Translation['add new record'] . '" onclick="return validateData();">', $templateCode);
} else {
$templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode);
}
if ($selected_id) {
$templateCode = str_replace('<%%DVPRINT_BUTTON%%>', '<input type="image" src="print.gif" vspace="1" name="dvprint" id="dvprint" alt="' . $Translation['printer friendly view'] . '" onclick="document.myform.reset(); return true;" style="margin-bottom: 20px;">', $templateCode);
if ($AllowUpdate) {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<input type="image" src="update.gif" vspace="1" name="update" alt="' . $Translation['update record'] . '" onclick="return validateData();">', $templateCode);
} else {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
// set records to read only if user can't insert new records
if (!$arrPerm[1]) {
$jsReadOnly .= "\n\n\tif(document.getElementsByName('id').length){ document.getElementsByName('id')[0].readOnly=true; }\n";
$jsReadOnly .= "\n\n\tif(document.getElementsByName('name').length){ document.getElementsByName('name')[0].readOnly=true; }\n";
$noUploads = true;
}
}
if ($arrPerm[4] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[4] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[4] == 3) {
// allow delete?
$templateCode = str_replace('<%%DELETE_BUTTON%%>', '<input type="image" src="delete.gif" vspace="1" name="delete" alt="' . $Translation['delete record'] . '" onClick="return confirm(\'' . $Translation['are you sure?'] . '\');">', $templateCode);
} else {
$templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
}
$templateCode = str_replace('<%%DESELECT_BUTTON%%>', "<input type=image src=deselect.gif vspace=1 name=deselect alt=\"" . $Translation['deselect record'] . "\" onclick=\"document.myform.reset(); return true;\">", $templateCode);
} else {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
$templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
$templateCode = str_replace('<%%DESELECT_BUTTON%%>', $ShowCancel ? "<input type=image src=cancel.gif vspace=1 name=deselect alt=\"" . $Translation['deselect record'] . "\" onclick=\"document.myform.reset(); return true;\">" : '', $templateCode);
}
// process combos
// process foreign key links
if ($selected_id) {
}
// process images
$templateCode = str_replace('<%%UPLOADFILE(id)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(name)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(description)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(comments)%%>', '', $templateCode);
// process values
if ($selected_id) {
$templateCode = str_replace('<%%VALUE(id)%%>', htmlspecialchars($row['id'], ENT_QUOTES), $templateCode);
$templateCode = str_replace('<%%VALUE(name)%%>', htmlspecialchars($row['name'], ENT_QUOTES), $templateCode);
if ($AllowUpdate || $AllowInsert) {
$templateCode = str_replace('<%%HTMLAREA(description)%%>', '<textarea name="description" id="description" cols="50" rows="5" class="TextBox">' . htmlspecialchars($row['description'], ENT_QUOTES) . '</textarea>', $templateCode);
} else {
$templateCode = str_replace('<%%HTMLAREA(description)%%>', $row['description'], $templateCode);
}
$templateCode = str_replace('<%%VALUE(description)%%>', $row['description'], $templateCode);
if ($AllowUpdate || $AllowInsert) {
$templateCode = str_replace('<%%HTMLAREA(comments)%%>', '<textarea name="comments" id="comments" cols="50" rows="5" class="TextBox">' . htmlspecialchars($row['comments'], ENT_QUOTES) . '</textarea>', $templateCode);
} else {
$templateCode = str_replace('<%%HTMLAREA(comments)%%>', $row['comments'], $templateCode);
}
$templateCode = str_replace('<%%VALUE(comments)%%>', $row['comments'], $templateCode);
} else {
$templateCode = str_replace('<%%VALUE(id)%%>', '', $templateCode);
$templateCode = str_replace('<%%VALUE(name)%%>', '', $templateCode);
$templateCode = str_replace('<%%HTMLAREA(description)%%>', '<textarea name="description" id="description" cols="50" rows="5" class="TextBox"></textarea>', $templateCode);
$templateCode = str_replace('<%%HTMLAREA(comments)%%>', '<textarea name="comments" id="comments" cols="50" rows="5" class="TextBox"></textarea>', $templateCode);
}
// process translations
foreach ($Translation as $symbol => $trans) {
$templateCode = str_replace("<%%TRANSLATION({$symbol})%%>", $trans, $templateCode);
}
// clear scrap
$templateCode = str_replace('<%%', '<!--', $templateCode);
$templateCode = str_replace('%%>', '-->', $templateCode);
// hide links to inaccessible tables
if ($_POST['dvprint_x'] == '') {
$templateCode .= "\n\n<script>\n";
$arrTables = getTableList();
foreach ($arrTables as $name => $caption) {
$templateCode .= "\tif(document.getElementById('" . $name . "_link')!=undefined){\n";
$templateCode .= "\t\tdocument.getElementById('" . $name . "_link').style.visibility='visible';\n";
$templateCode .= "\t}\n";
for ($i = 1; $i < 10; $i++) {
$templateCode .= "\tif(document.getElementById('" . $name . "_plink{$i}')!=undefined){\n";
$templateCode .= "\t\tdocument.getElementById('" . $name . "_plink{$i}').style.visibility='visible';\n";
$templateCode .= "\t}\n";
}
}
$templateCode .= $jsReadOnly;
if (!$selected_id) {
}
$templateCode .= "\n\tfunction validateData(){";
$templateCode .= "\n\t\tif(\$F('name')==''){ alert('" . addslashes($Translation['error:']) . ' "Name": ' . addslashes($Translation['field not null']) . "'); \$('name').focus(); return false; }";
$templateCode .= "\n\t\treturn true;";
$templateCode .= "\n\t}";
$templateCode .= "\n</script>\n";
}
// ajaxed auto-fill fields
$templateCode .= "<script>";
$templateCode .= "document.observe('dom:loaded', function() {";
$templateCode .= "});";
$templateCode .= "</script>";
// handle enforced parent values for read-only lookup fields
// don't include blank images in lightbox gallery
$templateCode = preg_replace('/blank.gif" rel="lightbox\\[.*?\\]"/', 'blank.gif"', $templateCode);
// don't display empty email links
$templateCode = preg_replace('/<a .*?href="mailto:".*?<\\/a>/', '', $templateCode);
// hook: symptoms_dv
if (function_exists('symptoms_dv')) {
$args = array();
symptoms_dv($selected_id ? $selected_id : FALSE, getMemberInfo(), $templateCode, $args);
}
return $templateCode;
}
function Render()
{
global $Translation;
$eo['silentErrors'] = true;
$result = sql($this->Query . ' limit ' . datalist_auto_complete_size, $eo);
if ($eo['error'] != '') {
$this->HTML = error_message(htmlspecialchars($eo['error']) . "\n\n<!--\n{$Translation['query:']}\n {$this->Query}\n-->\n\n");
return;
}
$this->ItemCount = db_num_rows($result);
$combo = new Combo();
$combo->Class = $this->Class;
$combo->Style = $this->Style;
$combo->SelectName = $this->SelectName;
$combo->SelectedData = $this->SelectedData;
$combo->SelectedText = $this->SelectedText;
$combo->SelectedClass = 'SelectedOption';
$combo->ListType = $this->ListType;
$combo->ListBoxHeight = $this->ListBoxHeight;
$combo->RadiosPerLine = $this->RadiosPerLine;
$combo->AllowNull = $this->ListType == 2 ? 0 : $this->AllowNull;
while ($row = db_fetch_row($result)) {
$combo->ListData[] = htmlspecialchars($row[0], ENT_QUOTES, 'iso-8859-1');
$combo->ListItem[] = $row[1];
}
$combo->Render();
$this->MatchText = $combo->MatchText;
$this->SelectedText = $combo->SelectedText;
$this->SelectedData = $combo->SelectedData;
if ($this->ListType == 2) {
$rnd = rand(100, 999);
$SelectedID = htmlspecialchars(urlencode($this->SelectedData));
$pt_perm = getTablePermissions($this->parent_table);
if ($pt_perm['view'] || $pt_perm['edit']) {
$this->HTML = str_replace(">{$this->MatchText}</label>", ">{$this->MatchText}</label> <button type=\"button\" class=\"btn btn-default view_parent hspacer-lg\" id=\"{$this->parent_table}_view_parent\" title=" . htmlspecialchars($Translation['View']) . "><i class=\"glyphicon glyphicon-eye-open\"></i></button>", $combo->HTML);
}
$this->HTML = str_replace(' type="radio" ', ' type="radio" onclick="' . $this->SelectName . '_changed();" ', $this->HTML);
} else {
$this->HTML = $combo->HTML;
}
}
function orders_form($selected_id = '', $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0)
{
// function to return an editable form for a table records
// and fill it with data of record whose ID is $selected_id. If $selected_id
// is empty, an empty form is shown, with only an 'Add New'
// button displayed.
global $Translation;
// mm: get table permissions
$arrPerm = getTablePermissions('orders');
if (!$arrPerm[1] && $selected_id == '') {
return '';
}
$AllowInsert = $arrPerm[1] ? true : false;
// print preview?
$dvprint = false;
if ($selected_id && $_REQUEST['dvprint_x'] != '') {
$dvprint = true;
}
$filterer_CustomerID = thisOr(undo_magic_quotes($_REQUEST['filterer_CustomerID']), '');
$filterer_EmployeeID = thisOr(undo_magic_quotes($_REQUEST['filterer_EmployeeID']), '');
$filterer_ShipVia = thisOr(undo_magic_quotes($_REQUEST['filterer_ShipVia']), '');
// populate filterers, starting from children to grand-parents
// unique random identifier
$rnd1 = $dvprint ? rand(1000000, 9999999) : '';
// combobox: CustomerID
$combo_CustomerID = new DataCombo();
// combobox: EmployeeID
$combo_EmployeeID = new DataCombo();
// combobox: OrderDate
$combo_OrderDate = new DateCombo();
$combo_OrderDate->DateFormat = "mdy";
$combo_OrderDate->MinYear = 1900;
$combo_OrderDate->MaxYear = 2100;
$combo_OrderDate->DefaultDate = parseMySQLDate('1', '1');
$combo_OrderDate->MonthNames = $Translation['month names'];
$combo_OrderDate->NamePrefix = 'OrderDate';
// combobox: RequiredDate
$combo_RequiredDate = new DateCombo();
$combo_RequiredDate->DateFormat = "mdy";
$combo_RequiredDate->MinYear = 1900;
$combo_RequiredDate->MaxYear = 2100;
$combo_RequiredDate->DefaultDate = parseMySQLDate('1', '1');
$combo_RequiredDate->MonthNames = $Translation['month names'];
$combo_RequiredDate->NamePrefix = 'RequiredDate';
// combobox: ShippedDate
$combo_ShippedDate = new DateCombo();
$combo_ShippedDate->DateFormat = "mdy";
$combo_ShippedDate->MinYear = 1900;
$combo_ShippedDate->MaxYear = 2100;
$combo_ShippedDate->DefaultDate = parseMySQLDate('', '');
$combo_ShippedDate->MonthNames = $Translation['month names'];
$combo_ShippedDate->NamePrefix = 'ShippedDate';
// combobox: ShipVia
$combo_ShipVia = new DataCombo();
if ($selected_id) {
// mm: check member permissions
if (!$arrPerm[2]) {
return "";
}
// mm: who is the owner?
$ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='orders' and pkValue='" . makeSafe($selected_id) . "'");
$ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='orders' and pkValue='" . makeSafe($selected_id) . "'");
if ($arrPerm[2] == 1 && getLoggedMemberID() != $ownerMemberID) {
return "";
}
if ($arrPerm[2] == 2 && getLoggedGroupID() != $ownerGroupID) {
return "";
}
// can edit?
if ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[3] == 3) {
$AllowUpdate = 1;
} else {
$AllowUpdate = 0;
}
$res = sql("select * from `orders` where `OrderID`='" . makeSafe($selected_id) . "'", $eo);
if (!($row = db_fetch_array($res))) {
return error_message($Translation['No records found']);
}
$urow = $row;
/* unsanitized data */
$hc = new CI_Input();
$row = $hc->xss_clean($row);
/* sanitize data */
$combo_CustomerID->SelectedData = $row['CustomerID'];
$combo_EmployeeID->SelectedData = $row['EmployeeID'];
$combo_OrderDate->DefaultDate = $row['OrderDate'];
$combo_RequiredDate->DefaultDate = $row['RequiredDate'];
$combo_ShippedDate->DefaultDate = $row['ShippedDate'];
$combo_ShipVia->SelectedData = $row['ShipVia'];
} else {
$combo_CustomerID->SelectedData = $filterer_CustomerID;
$combo_EmployeeID->SelectedData = $filterer_EmployeeID;
$combo_ShipVia->SelectedData = $filterer_ShipVia;
}
$combo_CustomerID->HTML = '<span id="CustomerID-container' . $rnd1 . '"></span><input type="hidden" name="CustomerID" id="CustomerID' . $rnd1 . '" value="' . htmlspecialchars($combo_CustomerID->SelectedData, ENT_QUOTES, 'iso-8859-1') . '">';
$combo_CustomerID->MatchText = '<span id="CustomerID-container-readonly' . $rnd1 . '"></span><input type="hidden" name="CustomerID" id="CustomerID' . $rnd1 . '" value="' . htmlspecialchars($combo_CustomerID->SelectedData, ENT_QUOTES, 'iso-8859-1') . '">';
$combo_EmployeeID->HTML = '<span id="EmployeeID-container' . $rnd1 . '"></span><input type="hidden" name="EmployeeID" id="EmployeeID' . $rnd1 . '" value="' . htmlspecialchars($combo_EmployeeID->SelectedData, ENT_QUOTES, 'iso-8859-1') . '">';
$combo_EmployeeID->MatchText = '<span id="EmployeeID-container-readonly' . $rnd1 . '"></span><input type="hidden" name="EmployeeID" id="EmployeeID' . $rnd1 . '" value="' . htmlspecialchars($combo_EmployeeID->SelectedData, ENT_QUOTES, 'iso-8859-1') . '">';
$combo_ShipVia->HTML = '<span id="ShipVia-container' . $rnd1 . '"></span><input type="hidden" name="ShipVia" id="ShipVia' . $rnd1 . '" value="' . htmlspecialchars($combo_ShipVia->SelectedData, ENT_QUOTES, 'iso-8859-1') . '">';
$combo_ShipVia->MatchText = '<span id="ShipVia-container-readonly' . $rnd1 . '"></span><input type="hidden" name="ShipVia" id="ShipVia' . $rnd1 . '" value="' . htmlspecialchars($combo_ShipVia->SelectedData, ENT_QUOTES, 'iso-8859-1') . '">';
ob_start();
?>
<script>
// initial lookup values
var current_CustomerID__RAND__ = { text: "", value: "<?php
echo addslashes($selected_id ? $urow['CustomerID'] : $filterer_CustomerID);
?>
"};
var current_EmployeeID__RAND__ = { text: "", value: "<?php
echo addslashes($selected_id ? $urow['EmployeeID'] : $filterer_EmployeeID);
?>
"};
var current_ShipVia__RAND__ = { text: "", value: "<?php
echo addslashes($selected_id ? $urow['ShipVia'] : $filterer_ShipVia);
?>
"};
jQuery(function() {
if(typeof(CustomerID_reload__RAND__) == 'function') CustomerID_reload__RAND__();
if(typeof(EmployeeID_reload__RAND__) == 'function') EmployeeID_reload__RAND__();
if(typeof(ShipVia_reload__RAND__) == 'function') ShipVia_reload__RAND__();
});
function CustomerID_reload__RAND__(){
<?php
if (($AllowUpdate || $AllowInsert) && !$dvprint) {
?>
jQuery("#CustomerID-container__RAND__").select2({
/* initial default value */
initSelection: function(e, c){
jQuery.ajax({
url: 'ajax_combo.php',
dataType: 'json',
data: { id: current_CustomerID__RAND__.value, t: 'orders', f: 'CustomerID' }
}).done(function(resp){
c({
id: resp.results[0].id,
text: resp.results[0].text
});
jQuery('[name="CustomerID"]').val(resp.results[0].id);
jQuery('[id=CustomerID-container-readonly__RAND__]').html('<span id="CustomerID-match-text">' + resp.results[0].text + '</span>');
if(typeof(CustomerID_update_autofills__RAND__) == 'function') CustomerID_update_autofills__RAND__();
});
},
width: ($j('fieldset .col-xs-11').width() - 99) + 'px',
formatNoMatches: function(term){ return '<?php
echo addslashes($Translation['No matches found!']);
?>
'; },
minimumResultsForSearch: 10,
loadMorePadding: 200,
ajax: {
url: 'ajax_combo.php',
dataType: 'json',
cache: true,
data: function(term, page){ return { s: term, p: page, t: 'orders', f: 'CustomerID' }; },
results: function(resp, page){ return resp; }
}
}).on('change', function(e){
current_CustomerID__RAND__.value = e.added.id;
current_CustomerID__RAND__.text = e.added.text;
jQuery('[name="CustomerID"]').val(e.added.id);
if(typeof(CustomerID_update_autofills__RAND__) == 'function') CustomerID_update_autofills__RAND__();
});
if(!$j("#CustomerID-container__RAND__").length){
$j.ajax({
url: 'ajax_combo.php',
dataType: 'json',
data: { id: current_CustomerID__RAND__.value, t: 'orders', f: 'CustomerID' }
}).done(function(resp){
$j('[name="CustomerID"]').val(resp.results[0].id);
$j('[id=CustomerID-container-readonly__RAND__]').html('<span id="CustomerID-match-text">' + resp.results[0].text + '</span>');
if(typeof(CustomerID_update_autofills__RAND__) == 'function') CustomerID_update_autofills__RAND__();
});
}
<?php
} else {
?>
jQuery.ajax({
url: 'ajax_combo.php',
dataType: 'json',
data: { id: current_CustomerID__RAND__.value, t: 'orders', f: 'CustomerID' }
}).done(function(resp){
jQuery('[id=CustomerID-container__RAND__], [id=CustomerID-container-readonly__RAND__]').html('<span id="CustomerID-match-text">' + resp.results[0].text + '</span>');
if(typeof(CustomerID_update_autofills__RAND__) == 'function') CustomerID_update_autofills__RAND__();
});
<?php
}
?>
}
function EmployeeID_reload__RAND__(){
<?php
if (($AllowUpdate || $AllowInsert) && !$dvprint) {
?>
jQuery("#EmployeeID-container__RAND__").select2({
/* initial default value */
initSelection: function(e, c){
jQuery.ajax({
url: 'ajax_combo.php',
dataType: 'json',
data: { id: current_EmployeeID__RAND__.value, t: 'orders', f: 'EmployeeID' }
}).done(function(resp){
c({
id: resp.results[0].id,
text: resp.results[0].text
});
jQuery('[name="EmployeeID"]').val(resp.results[0].id);
jQuery('[id=EmployeeID-container-readonly__RAND__]').html('<span id="EmployeeID-match-text">' + resp.results[0].text + '</span>');
if(typeof(EmployeeID_update_autofills__RAND__) == 'function') EmployeeID_update_autofills__RAND__();
});
},
width: ($j('fieldset .col-xs-11').width() - 99) + 'px',
formatNoMatches: function(term){ return '<?php
echo addslashes($Translation['No matches found!']);
?>
'; },
minimumResultsForSearch: 10,
loadMorePadding: 200,
ajax: {
url: 'ajax_combo.php',
dataType: 'json',
cache: true,
data: function(term, page){ return { s: term, p: page, t: 'orders', f: 'EmployeeID' }; },
results: function(resp, page){ return resp; }
}
}).on('change', function(e){
current_EmployeeID__RAND__.value = e.added.id;
current_EmployeeID__RAND__.text = e.added.text;
jQuery('[name="EmployeeID"]').val(e.added.id);
if(typeof(EmployeeID_update_autofills__RAND__) == 'function') EmployeeID_update_autofills__RAND__();
});
if(!$j("#EmployeeID-container__RAND__").length){
$j.ajax({
url: 'ajax_combo.php',
dataType: 'json',
data: { id: current_EmployeeID__RAND__.value, t: 'orders', f: 'EmployeeID' }
}).done(function(resp){
$j('[name="EmployeeID"]').val(resp.results[0].id);
$j('[id=EmployeeID-container-readonly__RAND__]').html('<span id="EmployeeID-match-text">' + resp.results[0].text + '</span>');
if(typeof(EmployeeID_update_autofills__RAND__) == 'function') EmployeeID_update_autofills__RAND__();
});
}
<?php
} else {
?>
jQuery.ajax({
url: 'ajax_combo.php',
dataType: 'json',
data: { id: current_EmployeeID__RAND__.value, t: 'orders', f: 'EmployeeID' }
}).done(function(resp){
jQuery('[id=EmployeeID-container__RAND__], [id=EmployeeID-container-readonly__RAND__]').html('<span id="EmployeeID-match-text">' + resp.results[0].text + '</span>');
if(typeof(EmployeeID_update_autofills__RAND__) == 'function') EmployeeID_update_autofills__RAND__();
});
<?php
}
?>
}
function ShipVia_reload__RAND__(){
<?php
if (($AllowUpdate || $AllowInsert) && !$dvprint) {
?>
jQuery("#ShipVia-container__RAND__").select2({
/* initial default value */
initSelection: function(e, c){
jQuery.ajax({
url: 'ajax_combo.php',
dataType: 'json',
data: { id: current_ShipVia__RAND__.value, t: 'orders', f: 'ShipVia' }
}).done(function(resp){
c({
id: resp.results[0].id,
text: resp.results[0].text
});
jQuery('[name="ShipVia"]').val(resp.results[0].id);
jQuery('[id=ShipVia-container-readonly__RAND__]').html('<span id="ShipVia-match-text">' + resp.results[0].text + '</span>');
if(typeof(ShipVia_update_autofills__RAND__) == 'function') ShipVia_update_autofills__RAND__();
});
},
width: ($j('fieldset .col-xs-11').width() - 99) + 'px',
formatNoMatches: function(term){ return '<?php
echo addslashes($Translation['No matches found!']);
?>
'; },
minimumResultsForSearch: 10,
loadMorePadding: 200,
ajax: {
url: 'ajax_combo.php',
dataType: 'json',
cache: true,
data: function(term, page){ return { s: term, p: page, t: 'orders', f: 'ShipVia' }; },
results: function(resp, page){ return resp; }
}
}).on('change', function(e){
current_ShipVia__RAND__.value = e.added.id;
current_ShipVia__RAND__.text = e.added.text;
jQuery('[name="ShipVia"]').val(e.added.id);
if(typeof(ShipVia_update_autofills__RAND__) == 'function') ShipVia_update_autofills__RAND__();
});
if(!$j("#ShipVia-container__RAND__").length){
$j.ajax({
url: 'ajax_combo.php',
dataType: 'json',
data: { id: current_ShipVia__RAND__.value, t: 'orders', f: 'ShipVia' }
}).done(function(resp){
$j('[name="ShipVia"]').val(resp.results[0].id);
$j('[id=ShipVia-container-readonly__RAND__]').html('<span id="ShipVia-match-text">' + resp.results[0].text + '</span>');
if(typeof(ShipVia_update_autofills__RAND__) == 'function') ShipVia_update_autofills__RAND__();
});
}
<?php
} else {
?>
jQuery.ajax({
url: 'ajax_combo.php',
dataType: 'json',
data: { id: current_ShipVia__RAND__.value, t: 'orders', f: 'ShipVia' }
}).done(function(resp){
jQuery('[id=ShipVia-container__RAND__], [id=ShipVia-container-readonly__RAND__]').html('<span id="ShipVia-match-text">' + resp.results[0].text + '</span>');
if(typeof(ShipVia_update_autofills__RAND__) == 'function') ShipVia_update_autofills__RAND__();
});
<?php
}
?>
}
</script>
<?php
$lookups = str_replace('__RAND__', $rnd1, ob_get_contents());
ob_end_clean();
// code for template based detail view forms
// open the detail view template
if ($dvprint) {
$templateCode = @file_get_contents('./templates/orders_templateDVP.html');
} else {
$templateCode = @file_get_contents('./templates/orders_templateDV.html');
}
// process form title
$templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Detail View', $templateCode);
$templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode);
$templateCode = str_replace('<%%EMBEDDED%%>', $_REQUEST['Embedded'] ? 'Embedded=1' : '', $templateCode);
// process buttons
if ($arrPerm[1] && !$selected_id) {
// allow insert and no record selected?
if (!$selected_id) {
$templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-success" id="insert" name="insert_x" value="1" onclick="return orders_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save New'] . '</button>', $templateCode);
}
$templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="insert" name="insert_x" value="1" onclick="return orders_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save As Copy'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode);
}
// 'Back' button action
if ($_REQUEST['Embedded']) {
$backAction = 'window.parent.jQuery(\'.modal\').modal(\'hide\'); return false;';
} else {
$backAction = '$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;';
}
if ($selected_id) {
if (!$_REQUEST['Embedded']) {
$templateCode = str_replace('<%%DVPRINT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="dvprint" name="dvprint_x" value="1" onclick="$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . '</button>', $templateCode);
}
if ($AllowUpdate) {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<button type="submit" class="btn btn-success btn-lg" id="update" name="update_x" value="1" onclick="return orders_validateData();"><i class="glyphicon glyphicon-ok"></i> ' . $Translation['Save Changes'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
}
if ($arrPerm[4] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[4] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[4] == 3) {
// allow delete?
$templateCode = str_replace('<%%DELETE_BUTTON%%>', '<button type="submit" class="btn btn-danger" id="delete" name="delete_x" value="1" onclick="return confirm(\'' . $Translation['are you sure?'] . '\');"><i class="glyphicon glyphicon-trash"></i> ' . $Translation['Delete'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
}
$templateCode = str_replace('<%%DESELECT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
$templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
$templateCode = str_replace('<%%DESELECT_BUTTON%%>', $ShowCancel ? '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>' : '', $templateCode);
}
// set records to read only if user can't insert new records and can't edit current record
if ($selected_id && !$AllowUpdate || !$selected_id && !$AllowInsert) {
$jsReadOnly .= "\tjQuery('#CustomerID').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n";
$jsReadOnly .= "\tjQuery('#CustomerID_caption').prop('disabled', true).css({ color: '#555', backgroundColor: 'white' });\n";
$jsReadOnly .= "\tjQuery('#EmployeeID').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n";
$jsReadOnly .= "\tjQuery('#EmployeeID_caption').prop('disabled', true).css({ color: '#555', backgroundColor: 'white' });\n";
$jsReadOnly .= "\tjQuery('#OrderDate').prop('readonly', true);\n";
$jsReadOnly .= "\tjQuery('#OrderDateDay, #OrderDateMonth, #OrderDateYear').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n";
$jsReadOnly .= "\tjQuery('#RequiredDate').prop('readonly', true);\n";
$jsReadOnly .= "\tjQuery('#RequiredDateDay, #RequiredDateMonth, #RequiredDateYear').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n";
$jsReadOnly .= "\tjQuery('#ShippedDate').prop('readonly', true);\n";
$jsReadOnly .= "\tjQuery('#ShippedDateDay, #ShippedDateMonth, #ShippedDateYear').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n";
$jsReadOnly .= "\tjQuery('#ShipVia').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n";
$jsReadOnly .= "\tjQuery('#ShipVia_caption').prop('disabled', true).css({ color: '#555', backgroundColor: 'white' });\n";
$jsReadOnly .= "\tjQuery('#Freight').replaceWith('<div class=\"form-control-static\" id=\"Freight\">' + (jQuery('#Freight').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('.select2-container').hide();\n";
$noUploads = true;
} elseif ($AllowInsert && !$selected_id || $AllowUpdate && $selected_id) {
$jsEditable .= "\tjQuery('form').eq(0).data('already_changed', true);";
// temporarily disable form change handler
$jsEditable .= "\tjQuery('form').eq(0).data('already_changed', false);";
// re-enable form change handler
}
// process combos
$templateCode = str_replace('<%%COMBO(CustomerID)%%>', $combo_CustomerID->HTML, $templateCode);
$templateCode = str_replace('<%%COMBOTEXT(CustomerID)%%>', $combo_CustomerID->MatchText, $templateCode);
$templateCode = str_replace('<%%URLCOMBOTEXT(CustomerID)%%>', urlencode($combo_CustomerID->MatchText), $templateCode);
$templateCode = str_replace('<%%COMBO(EmployeeID)%%>', $combo_EmployeeID->HTML, $templateCode);
$templateCode = str_replace('<%%COMBOTEXT(EmployeeID)%%>', $combo_EmployeeID->MatchText, $templateCode);
$templateCode = str_replace('<%%URLCOMBOTEXT(EmployeeID)%%>', urlencode($combo_EmployeeID->MatchText), $templateCode);
$templateCode = str_replace('<%%COMBO(OrderDate)%%>', $selected_id && !$arrPerm[3] ? '<div class="form-control-static">' . $combo_OrderDate->GetHTML(true) . '</div>' : $combo_OrderDate->GetHTML(), $templateCode);
$templateCode = str_replace('<%%COMBOTEXT(OrderDate)%%>', $combo_OrderDate->GetHTML(true), $templateCode);
$templateCode = str_replace('<%%COMBO(RequiredDate)%%>', $selected_id && !$arrPerm[3] ? '<div class="form-control-static">' . $combo_RequiredDate->GetHTML(true) . '</div>' : $combo_RequiredDate->GetHTML(), $templateCode);
$templateCode = str_replace('<%%COMBOTEXT(RequiredDate)%%>', $combo_RequiredDate->GetHTML(true), $templateCode);
$templateCode = str_replace('<%%COMBO(ShippedDate)%%>', $selected_id && !$arrPerm[3] ? '<div class="form-control-static">' . $combo_ShippedDate->GetHTML(true) . '</div>' : $combo_ShippedDate->GetHTML(), $templateCode);
$templateCode = str_replace('<%%COMBOTEXT(ShippedDate)%%>', $combo_ShippedDate->GetHTML(true), $templateCode);
$templateCode = str_replace('<%%COMBO(ShipVia)%%>', $combo_ShipVia->HTML, $templateCode);
$templateCode = str_replace('<%%COMBOTEXT(ShipVia)%%>', $combo_ShipVia->MatchText, $templateCode);
$templateCode = str_replace('<%%URLCOMBOTEXT(ShipVia)%%>', urlencode($combo_ShipVia->MatchText), $templateCode);
/* lookup fields array: 'lookup field name' => array('parent table name', 'lookup field caption') */
$lookup_fields = array('CustomerID' => array('customers', 'Customer'), 'EmployeeID' => array('employees', 'Employee'), 'ShipVia' => array('shippers', 'Ship Via'));
foreach ($lookup_fields as $luf => $ptfc) {
$pt_perm = getTablePermissions($ptfc[0]);
// process foreign key links
if ($pt_perm['view'] || $pt_perm['edit']) {
$templateCode = str_replace("<%%PLINK({$luf})%%>", '<button type="button" class="btn btn-default view_parent hspacer-lg" id="' . $ptfc[0] . '_view_parent" title="' . htmlspecialchars($Translation['View'] . ' ' . $ptfc[1], ENT_QUOTES, 'iso-8859-1') . '"><i class="glyphicon glyphicon-eye-open"></i></button>', $templateCode);
}
// if user has insert permission to parent table of a lookup field, put an add new button
if ($pt_perm['insert'] && !$_REQUEST['Embedded']) {
$templateCode = str_replace("<%%ADDNEW({$ptfc[0]})%%>", '<button type="button" class="btn btn-success add_new_parent" id="' . $ptfc[0] . '_add_new" title="' . htmlspecialchars($Translation['Add New'] . ' ' . $ptfc[1], ENT_QUOTES, 'iso-8859-1') . '"><i class="glyphicon glyphicon-plus-sign"></i></button>', $templateCode);
}
}
// process images
$templateCode = str_replace('<%%UPLOADFILE(OrderID)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(CustomerID)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(EmployeeID)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(OrderDate)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(RequiredDate)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(ShippedDate)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(ShipVia)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(Freight)%%>', '', $templateCode);
// process values
if ($selected_id) {
$templateCode = str_replace('<%%VALUE(OrderID)%%>', htmlspecialchars($row['OrderID'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(OrderID)%%>', urlencode($urow['OrderID']), $templateCode);
$templateCode = str_replace('<%%VALUE(CustomerID)%%>', htmlspecialchars($row['CustomerID'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(CustomerID)%%>', urlencode($urow['CustomerID']), $templateCode);
$templateCode = str_replace('<%%VALUE(EmployeeID)%%>', htmlspecialchars($row['EmployeeID'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(EmployeeID)%%>', urlencode($urow['EmployeeID']), $templateCode);
$templateCode = str_replace('<%%VALUE(OrderDate)%%>', @date('m/d/Y', @strtotime(htmlspecialchars($row['OrderDate'], ENT_QUOTES, 'iso-8859-1'))), $templateCode);
$templateCode = str_replace('<%%URLVALUE(OrderDate)%%>', urlencode(@date('m/d/Y', @strtotime(htmlspecialchars($urow['OrderDate'], ENT_QUOTES, 'iso-8859-1')))), $templateCode);
$templateCode = str_replace('<%%VALUE(RequiredDate)%%>', @date('m/d/Y', @strtotime(htmlspecialchars($row['RequiredDate'], ENT_QUOTES, 'iso-8859-1'))), $templateCode);
$templateCode = str_replace('<%%URLVALUE(RequiredDate)%%>', urlencode(@date('m/d/Y', @strtotime(htmlspecialchars($urow['RequiredDate'], ENT_QUOTES, 'iso-8859-1')))), $templateCode);
$templateCode = str_replace('<%%VALUE(ShippedDate)%%>', @date('m/d/Y', @strtotime(htmlspecialchars($row['ShippedDate'], ENT_QUOTES, 'iso-8859-1'))), $templateCode);
$templateCode = str_replace('<%%URLVALUE(ShippedDate)%%>', urlencode(@date('m/d/Y', @strtotime(htmlspecialchars($urow['ShippedDate'], ENT_QUOTES, 'iso-8859-1')))), $templateCode);
$templateCode = str_replace('<%%VALUE(ShipVia)%%>', htmlspecialchars($row['ShipVia'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(ShipVia)%%>', urlencode($urow['ShipVia']), $templateCode);
$templateCode = str_replace('<%%VALUE(Freight)%%>', htmlspecialchars($row['Freight'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(Freight)%%>', urlencode($urow['Freight']), $templateCode);
} else {
$templateCode = str_replace('<%%VALUE(OrderID)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(OrderID)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(CustomerID)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(CustomerID)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(EmployeeID)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(EmployeeID)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(OrderDate)%%>', '1', $templateCode);
$templateCode = str_replace('<%%URLVALUE(OrderDate)%%>', urlencode('1'), $templateCode);
$templateCode = str_replace('<%%VALUE(RequiredDate)%%>', '1', $templateCode);
$templateCode = str_replace('<%%URLVALUE(RequiredDate)%%>', urlencode('1'), $templateCode);
$templateCode = str_replace('<%%VALUE(ShippedDate)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(ShippedDate)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(ShipVia)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(ShipVia)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(Freight)%%>', '0', $templateCode);
$templateCode = str_replace('<%%URLVALUE(Freight)%%>', urlencode('0'), $templateCode);
}
// process translations
foreach ($Translation as $symbol => $trans) {
$templateCode = str_replace("<%%TRANSLATION({$symbol})%%>", $trans, $templateCode);
}
// clear scrap
$templateCode = str_replace('<%%', '<!-- ', $templateCode);
$templateCode = str_replace('%%>', ' -->', $templateCode);
// hide links to inaccessible tables
if ($_POST['dvprint_x'] == '') {
$templateCode .= "\n\n<script>\$j(function(){\n";
$arrTables = getTableList();
foreach ($arrTables as $name => $caption) {
$templateCode .= "\t\$j('#{$name}_link').removeClass('hidden');\n";
$templateCode .= "\t\$j('#xs_{$name}_link').removeClass('hidden');\n";
}
$templateCode .= $jsReadOnly;
$templateCode .= $jsEditable;
if (!$selected_id) {
}
$templateCode .= "\n});</script>\n";
}
// ajaxed auto-fill fields
$templateCode .= '<script>';
$templateCode .= '$j(function() {';
$templateCode .= "\tCustomerID_update_autofills{$rnd1} = function(){\n";
$templateCode .= "\t\tnew Ajax.Request(\n";
if ($dvprint) {
$templateCode .= "\t\t\t'orders_autofill.php?rnd1={$rnd1}&mfk=CustomerID&id='+encodeURIComponent('" . addslashes($row['CustomerID']) . "'),\n";
$templateCode .= "\t\t\t{encoding: 'iso-8859-1', method: 'get'}\n";
} else {
$templateCode .= "\t\t\t'orders_autofill.php?rnd1={$rnd1}&mfk=CustomerID&id=' + encodeURIComponent(current_CustomerID{$rnd1}.value),\n";
$templateCode .= "\t\t\t{encoding: 'iso-8859-1', method: 'get', onCreate: function(){ \$('CustomerID{$rnd1}').disable(); \$('CustomerIDLoading').innerHTML='<img src=loading.gif align=top>'; }, onComplete: function(){" . ($arrPerm[1] || ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[3] == 3) ? "\$('CustomerID{$rnd1}').enable(); " : "\$('CustomerID{$rnd1}').disable(); ") . "\$('CustomerIDLoading').innerHTML='';}}\n";
}
$templateCode .= "\t\t);\n";
$templateCode .= "\t};\n";
if (!$dvprint) {
$templateCode .= "\tif(\$('CustomerID_caption') != undefined) \$('CustomerID_caption').onchange=CustomerID_update_autofills{$rnd1};\n";
}
$templateCode .= "});";
$templateCode .= "</script>";
$templateCode .= $lookups;
// handle enforced parent values for read-only lookup fields
// don't include blank images in lightbox gallery
$templateCode = preg_replace('/blank.gif" rel="lightbox\\[.*?\\]"/', 'blank.gif"', $templateCode);
// don't display empty email links
$templateCode = preg_replace('/<a .*?href="mailto:".*?<\\/a>/', '', $templateCode);
// hook: orders_dv
if (function_exists('orders_dv')) {
$args = array();
orders_dv($selected_id ? $selected_id : FALSE, getMemberInfo(), $templateCode, $args);
}
return $templateCode;
}
<?php
// This script and data application were generated by AppGini 5.23
// Download AppGini for free from http://bigprof.com/appgini/download/
$currDir = dirname(__FILE__);
include "{$currDir}/defaultLang.php";
include "{$currDir}/language.php";
include "{$currDir}/lib.php";
@(include "{$currDir}/hooks/companies.php");
include "{$currDir}/companies_dml.php";
// mm: can the current member access this page?
$perm = getTablePermissions('companies');
if (!$perm[0]) {
echo error_message($Translation['tableAccessDenied'], false);
echo '<script>setTimeout("window.location=\'index.php?signOut=1\'", 2000);</script>';
exit;
}
$x = new DataList();
$x->TableName = "companies";
// Fields that can be displayed in the table view
$x->QueryFieldsTV = array("`companies`.`company_id`" => "company_id", "`companies`.`name`" => "name", "IF( CHAR_LENGTH(`clients1`.`name`), CONCAT_WS('', `clients1`.`name`), '') /* Client */" => "client", "`companies`.`website`" => "website", "`companies`.`description`" => "description", "`companies`.`founded`" => "founded", "`companies`.`industry`" => "industry", "`companies`.`company_number`" => "company_number", "`companies`.`country_hq`" => "country_hq", "`companies`.`country_operations`" => "country_operations", "`companies`.`num_employees`" => "num_employees", "`companies`.`company_type`" => "company_type", "IF( CHAR_LENGTH(`sic1`.`code`) || CHAR_LENGTH(`sic1`.`activity`), CONCAT_WS('', `sic1`.`code`, ' - ', `sic1`.`activity`), '') /* SIC code */" => "sic_code", "if(`companies`.`created`,date_format(`companies`.`created`,'%d/%m/%Y'),'')" => "created", "`companies`.`created_by`" => "created_by");
// mapping incoming sort by requests to actual query fields
$x->SortFields = array(1 => '`companies`.`company_id`', 2 => 2, 3 => 3, 4 => 4, 5 => 5, 6 => '`companies`.`founded`', 7 => 7, 8 => '`companies`.`company_number`', 9 => 9, 10 => 10, 11 => '`companies`.`num_employees`', 12 => 12, 13 => 13, 14 => '`companies`.`created`', 15 => 15);
// Fields that can be displayed in the csv file
$x->QueryFieldsCSV = array("`companies`.`company_id`" => "company_id", "`companies`.`name`" => "name", "IF( CHAR_LENGTH(`clients1`.`name`), CONCAT_WS('', `clients1`.`name`), '') /* Client */" => "client", "`companies`.`website`" => "website", "`companies`.`description`" => "description", "`companies`.`founded`" => "founded", "`companies`.`industry`" => "industry", "`companies`.`company_number`" => "company_number", "`companies`.`country_hq`" => "country_hq", "`companies`.`country_operations`" => "country_operations", "`companies`.`num_employees`" => "num_employees", "`companies`.`company_type`" => "company_type", "IF( CHAR_LENGTH(`sic1`.`code`) || CHAR_LENGTH(`sic1`.`activity`), CONCAT_WS('', `sic1`.`code`, ' - ', `sic1`.`activity`), '') /* SIC code */" => "sic_code", "if(`companies`.`created`,date_format(`companies`.`created`,'%d/%m/%Y'),'')" => "created", "`companies`.`created_by`" => "created_by");
// Fields that can be filtered
$x->QueryFieldsFilters = array("`companies`.`company_id`" => "ID", "`companies`.`name`" => "Name", "IF( CHAR_LENGTH(`clients1`.`name`), CONCAT_WS('', `clients1`.`name`), '') /* Client */" => "Client", "`companies`.`website`" => "Website", "`companies`.`description`" => "Description", "`companies`.`founded`" => "Year founded", "`companies`.`industry`" => "Industry", "`companies`.`company_number`" => "Company number", "`companies`.`country_hq`" => "Country based", "`companies`.`country_operations`" => "Country of operations", "`companies`.`num_employees`" => "Number of employees", "`companies`.`company_type`" => "Company type", "IF( CHAR_LENGTH(`sic1`.`code`) || CHAR_LENGTH(`sic1`.`activity`), CONCAT_WS('', `sic1`.`code`, ' - ', `sic1`.`activity`), '') /* SIC code */" => "SIC code", "`companies`.`created`" => "Date created", "`companies`.`created_by`" => "Created by");
// Fields that can be quick searched
$x->QueryFieldsQS = array("`companies`.`company_id`" => "company_id", "`companies`.`name`" => "name", "IF( CHAR_LENGTH(`clients1`.`name`), CONCAT_WS('', `clients1`.`name`), '') /* Client */" => "client", "`companies`.`website`" => "website", "`companies`.`description`" => "description", "`companies`.`founded`" => "founded", "`companies`.`industry`" => "industry", "`companies`.`company_number`" => "company_number", "`companies`.`country_hq`" => "country_hq", "`companies`.`country_operations`" => "country_operations", "`companies`.`num_employees`" => "num_employees", "`companies`.`company_type`" => "company_type", "IF( CHAR_LENGTH(`sic1`.`code`) || CHAR_LENGTH(`sic1`.`activity`), CONCAT_WS('', `sic1`.`code`, ' - ', `sic1`.`activity`), '') /* SIC code */" => "sic_code", "if(`companies`.`created`,date_format(`companies`.`created`,'%d/%m/%Y'),'')" => "created", "`companies`.`created_by`" => "created_by");
// Lookup fields that can be used as filterers
$x->filterers = array('client' => 'Client', 'sic_code' => 'SIC code');
function Render()
{
// get post and get variables
global $Translation;
$adminConfig = config('adminConfig');
$FiltersPerGroup = 4;
$buttonWholeWidth = 136;
$current_view = '';
/* TV, DV, TVDV, TVP, DVP, Filters */
$Embedded = intval($_REQUEST['Embedded']);
if ($_SERVER['REQUEST_METHOD'] == 'GET') {
$SortField = $_GET["SortField"];
$SortDirection = $_GET["SortDirection"];
$FirstRecord = $_GET["FirstRecord"];
$ScrollUp_y = $_GET["ScrollUp_y"];
$ScrollDn_y = $_GET["ScrollDn_y"];
$Previous_x = $_GET["Previous_x"];
$Next_x = $_GET["Next_x"];
$Filter_x = $_GET["Filter_x"];
$SaveFilter_x = $_GET["SaveFilter_x"];
$NoFilter_x = $_GET["NoFilter_x"];
$CancelFilter = $_GET["CancelFilter"];
$ApplyFilter = $_GET["ApplyFilter"];
$Search_x = $_GET["Search_x"];
$SearchString = get_magic_quotes_gpc() ? stripslashes($_GET['SearchString']) : $_GET['SearchString'];
$CSV_x = $_GET["CSV_x"];
$FilterAnd = $_GET["FilterAnd"];
$FilterField = $_GET["FilterField"];
$FilterOperator = $_GET["FilterOperator"];
if (is_array($_GET['FilterValue'])) {
foreach ($_GET['FilterValue'] as $fvi => $fv) {
$FilterValue[$fvi] = get_magic_quotes_gpc() ? stripslashes($fv) : $fv;
}
}
$Print_x = $_GET['Print_x'];
$PrintTV = $_GET['PrintTV'];
$PrintDV = $_GET['PrintDV'];
$SelectedID = get_magic_quotes_gpc() ? stripslashes($_GET['SelectedID']) : $_GET['SelectedID'];
$insert_x = $_GET['insert_x'];
$update_x = $_GET['update_x'];
$delete_x = $_GET['delete_x'];
$SkipChecks = $_GET['confirmed'];
$deselect_x = $_GET['deselect_x'];
$addNew_x = $_GET['addNew_x'];
$dvprint_x = $_GET['dvprint_x'];
$DisplayRecords = in_array($_GET['DisplayRecords'], array('user', 'group')) ? $_GET['DisplayRecords'] : 'all';
} else {
$SortField = $_POST['SortField'];
$SortDirection = $_POST['SortDirection'];
$FirstRecord = $_POST['FirstRecord'];
$ScrollUp_y = $_POST['ScrollUp_y'];
$ScrollDn_y = $_POST['ScrollDn_y'];
$Previous_x = $_POST['Previous_x'];
$Next_x = $_POST['Next_x'];
$Filter_x = $_POST['Filter_x'];
$SaveFilter_x = $_POST['SaveFilter_x'];
$NoFilter_x = $_POST['NoFilter_x'];
$CancelFilter = $_POST['CancelFilter'];
$ApplyFilter = $_POST['ApplyFilter'];
$Search_x = $_POST['Search_x'];
$SearchString = get_magic_quotes_gpc() ? stripslashes($_POST['SearchString']) : $_POST['SearchString'];
$CSV_x = $_POST['CSV_x'];
$FilterAnd = $_POST['FilterAnd'];
$FilterField = $_POST['FilterField'];
$FilterOperator = $_POST['FilterOperator'];
if (is_array($_POST['FilterValue'])) {
foreach ($_POST['FilterValue'] as $fvi => $fv) {
$FilterValue[$fvi] = get_magic_quotes_gpc() ? stripslashes($fv) : $fv;
}
}
$Print_x = $_POST['Print_x'];
$PrintTV = $_POST['PrintTV'];
$PrintDV = $_POST['PrintDV'];
$SelectedID = get_magic_quotes_gpc() ? stripslashes($_POST['SelectedID']) : $_POST['SelectedID'];
$insert_x = $_POST['insert_x'];
$update_x = $_POST['update_x'];
$delete_x = $_POST['delete_x'];
$SkipChecks = $_POST['confirmed'];
$deselect_x = $_POST['deselect_x'];
$addNew_x = $_POST['addNew_x'];
$dvprint_x = $_POST['dvprint_x'];
$DisplayRecords = in_array($_POST['DisplayRecords'], array('user', 'group')) ? $_POST['DisplayRecords'] : 'all';
}
$mi = getMemberInfo();
// insure authenticity of user inputs:
if (is_array($FilterAnd)) {
foreach ($FilterAnd as $i => $f) {
if ($f && !preg_match('/^(and|or)$/i', trim($f))) {
$FilterAnd[$i] = 'and';
}
}
}
if (is_array($FilterOperator)) {
foreach ($FilterOperator as $i => $f) {
if ($f && !in_array(trim($f), array_keys($GLOBALS['filter_operators']))) {
$FilterOperator[$i] = '';
}
}
}
if (!preg_match('/^\\s*[1-9][0-9]*\\s*(asc|desc)?(\\s*,\\s*[1-9][0-9]*\\s*(asc|desc)?)*$/i', $SortField)) {
$SortField = '';
}
if (!preg_match('/^(asc|desc)$/i', $SortDirection)) {
$SortDirection = '';
}
if (!$this->AllowDelete) {
$delete_x = '';
}
if (!$this->AllowDeleteOfParents) {
$SkipChecks = '';
}
if (!$this->AllowInsert) {
$insert_x = '';
$addNew_x = '';
}
if (!$this->AllowUpdate) {
$update_x = '';
}
if (!$this->AllowFilters) {
$Filter_x = '';
}
if (!$this->AllowPrinting) {
$Print_x = '';
$PrintTV = '';
}
if (!$this->QuickSearch) {
$SearchString = '';
}
if (!$this->AllowCSV) {
$CSV_x = '';
}
// enforce record selection if user has edit/delete permissions on the current table
$AllowPrintDV = 1;
$this->Permissions = getTablePermissions($this->TableName);
if ($this->Permissions[3] || $this->Permissions[4]) {
// current user can edit or delete?
$this->AllowSelection = 1;
} elseif (!$this->AllowSelection) {
$SelectedID = '';
$AllowPrintDV = 0;
$PrintDV = '';
}
if (!$this->AllowSelection || !$SelectedID) {
$dvprint_x = '';
}
$this->QueryFieldsIndexed = reIndex($this->QueryFieldsFilters);
// determine type of current view: TV, DV, TVDV, TVP, DVP or Filters?
if ($this->SeparateDV) {
$current_view = 'TV';
if ($Print_x != '' || $PrintTV != '') {
$current_view = 'TVP';
} elseif ($dvprint_x != '' || $PrintDV != '') {
$current_view = 'DVP';
} elseif ($Filter_x != '') {
$current_view = 'Filters';
} elseif ($SelectedID && !$deselect_x && !$delete_x || $addNew_x != '') {
$current_view = 'DV';
}
} else {
$current_view = 'TVDV';
if ($Print_x != '' || $PrintTV != '') {
$current_view = 'TVP';
} elseif ($dvprint_x != '' || $PrintDV != '') {
$current_view = 'DVP';
} elseif ($Filter_x != '') {
$current_view = 'Filters';
}
}
$this->HTML .= '<div class="row"><div class="col-xs-11 col-md-12">';
$this->HTML .= '<form ' . (datalist_image_uploads_exist ? 'enctype="multipart/form-data" ' : '') . 'method="post" name="myform" action="' . $this->ScriptFileName . '">';
if ($Embedded) {
$this->HTML .= '<input name="Embedded" value="1" type="hidden" />';
}
$this->HTML .= '<script>';
$this->HTML .= 'function enterAction(){';
$this->HTML .= ' if($$("input[name=SearchString]:focus")[0] != undefined){ $("Search").click(); }';
$this->HTML .= ' return false;';
$this->HTML .= '}';
$this->HTML .= '</script>';
$this->HTML .= '<input id="EnterAction" type="submit" style="position: absolute; left: 0px; top: -250px;" onclick="return enterAction();">';
$this->ContentType = 'tableview';
// default content type
if ($PrintTV != '') {
$Print_x = 1;
$_POST['Print_x'] = 1;
}
// handle user commands ...
if ($deselect_x != '') {
$SelectedID = '';
$this->showTV();
} elseif ($insert_x != '') {
$SelectedID = call_user_func($this->TableName . '_insert');
// redirect to a safe url to avoid refreshing and thus
// insertion of duplicate records.
$url = $this->RedirectAfterInsert;
$insert_status = 'record-added-ok=' . rand();
if (!$SelectedID) {
$insert_status = 'record-added-error=' . rand();
}
// compose filters and sorting
foreach ($this->filterers as $filterer => $caption) {
if ($_REQUEST['filterer_' . $filterer] != '') {
$filtersGET .= '&filterer_' . $filterer . '=' . urlencode($_REQUEST['filterer_' . $filterer]);
}
}
for ($i = 1; $i <= 20 * $FiltersPerGroup; $i++) {
// Number of filters allowed
if ($FilterField[$i] != '' && $FilterOperator[$i] != '' && ($FilterValue[$i] != '' || strpos($FilterOperator[$i], 'empty'))) {
$filtersGET .= "&FilterAnd[{$i}]={$FilterAnd[$i]}&FilterField[{$i}]={$FilterField[$i]}&FilterOperator[{$i}]={$FilterOperator[$i]}&FilterValue[{$i}]=" . urlencode($FilterValue[$i]);
}
}
if ($Embedded) {
$filtersGET .= '&Embedded=1&SelectedID=' . urlencode($SelectedID);
}
$filtersGET .= "&SortField={$SortField}&SortDirection={$SortDirection}&FirstRecord={$FirstRecord}";
$filtersGET .= "&DisplayRecords={$DisplayRecords}";
$filtersGET .= '&SearchString=' . urlencode($SearchString);
$filtersGET = substr($filtersGET, 1);
// remove initial &
if ($url) {
/* if designer specified a redirect-after-insert url */
$url .= (strpos($url, '?') !== false ? '&' : '?') . $insert_status;
$url .= strpos($url, $this->ScriptFileName) !== false ? "&{$filtersGET}" : '';
$url = str_replace("#ID#", urlencode($SelectedID), $url);
} else {
/* if no redirect-after-insert url, use default */
$url = "{$this->ScriptFileName}?{$insert_status}&{$filtersGET}";
/* if DV and TV in same page, select new record */
if (!$this->SeparateDV) {
$url .= '&SelectedID=' . urlencode($SelectedID);
}
}
@header('Location: ' . $url);
$this->HTML .= "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"0;url=" . $url . "\">";
return;
} elseif ($delete_x != '') {
$d = call_user_func($this->TableName . '_delete', $SelectedID, $this->AllowDeleteOfParents, $SkipChecks);
// handle ajax delete requests
if (is_ajax()) {
die($d ? $d : 'OK');
}
if ($d) {
//$_REQUEST['record-deleted-error'] = 1;
$this->HTML .= error_message($d);
} else {
$_REQUEST['record-deleted-ok'] = 1;
$SelectedID = '';
$this->showTV();
}
} elseif ($update_x != '') {
$updated = call_user_func($this->TableName . '_update', $SelectedID);
$update_status = 'record-updated-ok=' . rand();
if ($updated === false) {
$update_status = 'record-updated-error=' . rand();
}
// compose filters and sorting
foreach ($this->filterers as $filterer => $caption) {
if ($_REQUEST['filterer_' . $filterer] != '') {
$filtersGET .= '&filterer_' . $filterer . '=' . urlencode($_REQUEST['filterer_' . $filterer]);
}
}
for ($i = 1; $i <= 20 * $FiltersPerGroup; $i++) {
// Number of filters allowed
if ($FilterField[$i] != '' && $FilterOperator[$i] != '' && ($FilterValue[$i] != '' || strpos($FilterOperator[$i], 'empty'))) {
$filtersGET .= "&FilterAnd[{$i}]={$FilterAnd[$i]}&FilterField[{$i}]={$FilterField[$i]}&FilterOperator[{$i}]={$FilterOperator[$i]}&FilterValue[{$i}]=" . urlencode($FilterValue[$i]);
}
}
$filtersGET .= "&SortField={$SortField}&SortDirection={$SortDirection}&FirstRecord={$FirstRecord}&Embedded={$Embedded}";
$filtersGET .= "&DisplayRecords={$DisplayRecords}";
$filtersGET .= '&SearchString=' . urlencode($SearchString);
$filtersGET = substr($filtersGET, 1);
// remove initial &
$redirectUrl = $this->ScriptFileName . '?SelectedID=' . urlencode($SelectedID) . '&' . $filtersGET . '&' . $update_status;
@header("Location: {$redirectUrl}");
$this->HTML .= '<META HTTP-EQUIV="Refresh" CONTENT="0;url=' . $redirectUrl . '">';
return;
} elseif ($addNew_x != '') {
$SelectedID = '';
$this->hideTV();
} elseif ($Print_x != '') {
// print code here ....
$this->AllowNavigation = 0;
$this->AllowSelection = 0;
} elseif ($SaveFilter_x != '' && $this->AllowSavingFilters) {
$filter_link = $_SERVER['HTTP_REFERER'] . '?SortField=' . urlencode($SortField) . '&SortDirection=' . $SortDirection . '&';
for ($i = 1; $i <= 20 * $FiltersPerGroup; $i++) {
// Number of filters allowed
if (($FilterField[$i] != '' || $i == 1) && $FilterOperator[$i] != '' && ($FilterValue[$i] != '' || strpos($FilterOperator[$i], 'empty'))) {
$filter_link .= urlencode("FilterAnd[{$i}]") . '=' . urlencode($FilterAnd[$i]) . '&';
$filter_link .= urlencode("FilterField[{$i}]") . '=' . urlencode($FilterField[$i]) . '&';
$filter_link .= urlencode("FilterOperator[{$i}]") . '=' . urlencode($FilterOperator[$i]) . '&';
$filter_link .= urlencode("FilterValue[{$i}]") . '=' . urlencode($FilterValue[$i]) . '&';
}
}
$filter_link = substr($filter_link, 0, -1);
/* trim last '&' */
$this->HTML .= '<div id="saved_filter_source_code" class="row"><div class="col-md-6 col-md-offset-3">';
$this->HTML .= '<div class="panel panel-info">';
$this->HTML .= '<div class="panel-heading"><h3 class="panel-title">' . $Translation["saved filters title"] . "</h3></div>";
$this->HTML .= '<div class="panel-body">';
$this->HTML .= $Translation["saved filters instructions"];
$this->HTML .= '<textarea rows="4" class="form-control vspacer-lg" style="width: 100%;" onfocus="$j(this).select();">' . "<a href=\"{$filter_link}\">Saved filter link<a>" . '</textarea>';
$this->HTML .= "<div><a href=\"{$filter_link}\" title=\"" . htmlspecialchars($filter_link) . "\">{$Translation['permalink']}</a></div>";
$this->HTML .= '<button type="button" class="btn btn-default btn-block vspacer-lg" onclick="$j(\'#saved_filter_source_code\').remove();"><i class="glyphicon glyphicon-remove"></i> ' . $Translation['hide code'] . '</button>';
$this->HTML .= '</div>';
$this->HTML .= '</div>';
$this->HTML .= '</div></div>';
} elseif ($Filter_x != '') {
$orderBy = array();
if ($SortField) {
$sortFields = explode(',', $SortField);
$i = 0;
foreach ($sortFields as $sf) {
$tob = preg_split('/\\s+/', $sf, 2);
$orderBy[] = array(trim($tob[0]) => strtolower(trim($tob[1])) == 'desc' ? 'desc' : 'asc');
$i++;
}
$orderBy[$i - 1][$tob[0]] = strtolower(trim($SortDirection)) == 'desc' ? 'desc' : 'asc';
}
$currDir = dirname(__FILE__) . '/hooks';
// path to hooks folder
$uff = "{$currDir}/{$this->TableName}.filters.{$mi['username']}.php";
// user-specific filter file
$gff = "{$currDir}/{$this->TableName}.filters.{$mi['group']}.php";
// group-specific filter file
$tff = "{$currDir}/{$this->TableName}.filters.php";
// table-specific filter file
/*
if no explicit filter file exists, look for filter files in the hooks folder in this order:
1. tablename.filters.username.php ($uff)
2. tablename.filters.groupname.php ($gff)
3. tablename.filters.php ($tff)
*/
if (!is_file($this->FilterPage)) {
$this->FilterPage = 'defaultFilters.php';
if (is_file($uff)) {
$this->FilterPage = $uff;
} elseif (is_file($gff)) {
$this->FilterPage = $gff;
} elseif (is_file($tff)) {
$this->FilterPage = $tff;
}
}
if ($this->FilterPage != '') {
ob_start();
@(include $this->FilterPage);
$out = ob_get_contents();
ob_end_clean();
$this->HTML .= $out;
}
// hidden variables ....
$this->HTML .= '<input name="SortField" value="' . $SortField . '" type="hidden" />';
$this->HTML .= '<input name="SortDirection" type="hidden" value="' . $SortDirection . '" />';
$this->HTML .= '<input name="FirstRecord" type="hidden" value="1" />';
$this->ContentType = 'filters';
return;
} elseif ($NoFilter_x != '') {
// clear all filters ...
for ($i = 1; $i <= datalist_filters_count * $FiltersPerGroup; $i++) {
// Number of filters allowed
$FilterField[$i] = '';
$FilterOperator[$i] = '';
$FilterValue[$i] = '';
}
$DisplayRecords = 'all';
$SearchString = '';
$FirstRecord = 1;
// clear filterers
foreach ($this->filterers as $filterer => $caption) {
$_REQUEST['filterer_' . $filterer] = '';
}
} elseif ($SelectedID) {
$this->hideTV();
}
// apply lookup filterers to the query
foreach ($this->filterers as $filterer => $caption) {
if ($_REQUEST['filterer_' . $filterer] != '') {
if ($this->QueryWhere == '') {
$this->QueryWhere = "where ";
} else {
$this->QueryWhere .= " and ";
}
$this->QueryWhere .= "`{$this->TableName}`.`{$filterer}`='" . makeSafe($_REQUEST['filterer_' . $filterer]) . "' ";
break;
// currently, only one filterer can be applied at a time
}
}
// apply quick search to the query
if ($SearchString != '') {
if ($Search_x != '') {
$FirstRecord = 1;
}
if ($this->QueryWhere == '') {
$this->QueryWhere = "where ";
} else {
$this->QueryWhere .= " and ";
}
foreach ($this->QueryFieldsQS as $fName => $fCaption) {
if (strpos($fName, '<img') === False) {
$this->QuerySearchableFields[$fName] = $fCaption;
}
}
$this->QueryWhere .= '(' . implode(" LIKE '%" . makeSafe($SearchString) . "%' or ", array_keys($this->QuerySearchableFields)) . " LIKE '%" . makeSafe($SearchString) . "%')";
}
// set query filters
$QueryHasWhere = 0;
if (strpos($this->QueryWhere, 'where ') !== FALSE) {
$QueryHasWhere = 1;
}
$WhereNeedsClosing = 0;
for ($i = 1; $i <= datalist_filters_count * $FiltersPerGroup; $i += $FiltersPerGroup) {
// Number of filters allowed
// test current filter group
$GroupHasFilters = 0;
for ($j = 0; $j < $FiltersPerGroup; $j++) {
if ($FilterField[$i + $j] != '' && $this->QueryFieldsIndexed[$FilterField[$i + $j]] != '' && $FilterOperator[$i + $j] != '' && ($FilterValue[$i + $j] != '' || strpos($FilterOperator[$i + $j], 'empty'))) {
$GroupHasFilters = 1;
break;
}
}
if ($GroupHasFilters) {
if (!stristr($this->QueryWhere, "where ")) {
$this->QueryWhere = "where (";
} elseif ($QueryHasWhere) {
$this->QueryWhere .= " and (";
$QueryHasWhere = 0;
}
$this->QueryWhere .= " <FilterGroup> " . $FilterAnd[$i] . " (";
for ($j = 0; $j < $FiltersPerGroup; $j++) {
if ($FilterField[$i + $j] != '' && $this->QueryFieldsIndexed[$FilterField[$i + $j]] != '' && $FilterOperator[$i + $j] != '' && ($FilterValue[$i + $j] != '' || strpos($FilterOperator[$i + $j], 'empty'))) {
if ($FilterAnd[$i + $j] == '') {
$FilterAnd[$i + $j] = 'and';
}
// test for date/time fields
$tries = 0;
$isDateTime = FALSE;
$isDate = FALSE;
$fieldName = str_replace('`', '', $this->QueryFieldsIndexed[$FilterField[$i + $j]]);
list($tn, $fn) = explode('.', $fieldName);
while (!($res = sql("show columns from `{$tn}` like '{$fn}'", $eo)) && $tries < 2) {
$tn = substr($tn, 0, -1);
$tries++;
}
if ($row = @db_fetch_array($res)) {
if ($row['Type'] == 'date' || $row['Type'] == 'time') {
$isDateTime = TRUE;
if ($row['Type'] == 'date') {
$isDate = True;
}
}
}
// end of test
if ($FilterOperator[$i + $j] == 'is-empty' && !$isDateTime) {
$this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " (" . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . "='' or " . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . " is NULL) </FilterItem>";
} elseif ($FilterOperator[$i + $j] == 'is-not-empty' && !$isDateTime) {
$this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " " . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . "!='' </FilterItem>";
} elseif ($FilterOperator[$i + $j] == 'is-empty' && $isDateTime) {
$this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " (" . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . "=0 or " . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . " is NULL) </FilterItem>";
} elseif ($FilterOperator[$i + $j] == 'is-not-empty' && $isDateTime) {
$this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " " . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . "!=0 </FilterItem>";
} elseif ($FilterOperator[$i + $j] == 'like' && !strstr($FilterValue[$i + $j], "%") && !strstr($FilterValue[$i + $j], "_")) {
$this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " " . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . " like '%" . makeSafe($FilterValue[$i + $j]) . "%' </FilterItem>";
} elseif ($FilterOperator[$i + $j] == 'not-like' && !strstr($FilterValue[$i + $j], "%") && !strstr($FilterValue[$i + $j], "_")) {
$this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " " . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . " not like '%" . makeSafe($FilterValue[$i + $j]) . "%' </FilterItem>";
} elseif ($isDate) {
$dateValue = toMySQLDate($FilterValue[$i + $j]);
$this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " " . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . " " . $GLOBALS['filter_operators'][$FilterOperator[$i + $j]] . " '{$dateValue}' </FilterItem>";
} else {
$this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " " . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . " " . $GLOBALS['filter_operators'][$FilterOperator[$i + $j]] . " '" . makeSafe($FilterValue[$i + $j]) . "' </FilterItem>";
}
}
}
$this->QueryWhere .= ") </FilterGroup>";
$WhereNeedsClosing = 1;
}
}
if ($WhereNeedsClosing) {
$this->QueryWhere .= ")";
}
// set query sort
if (!stristr($this->QueryOrder, "order by ") && $SortField != '' && $this->AllowSorting) {
$actualSortField = $SortField;
foreach ($this->SortFields as $fieldNum => $fieldSort) {
$actualSortField = str_replace(" {$fieldNum} ", " {$fieldSort} ", " {$actualSortField} ");
$actualSortField = str_replace(",{$fieldNum} ", ",{$fieldSort} ", " {$actualSortField} ");
}
$this->QueryOrder = "order by {$actualSortField} {$SortDirection}";
}
// clean up query
$this->QueryWhere = str_replace('( <FilterGroup> and ', '( ', $this->QueryWhere);
$this->QueryWhere = str_replace('( <FilterGroup> or ', '( ', $this->QueryWhere);
$this->QueryWhere = str_replace('( <FilterItem> and ', '( ', $this->QueryWhere);
$this->QueryWhere = str_replace('( <FilterItem> or ', '( ', $this->QueryWhere);
$this->QueryWhere = str_replace('<FilterGroup>', '', $this->QueryWhere);
$this->QueryWhere = str_replace('</FilterGroup>', '', $this->QueryWhere);
$this->QueryWhere = str_replace('<FilterItem>', '', $this->QueryWhere);
$this->QueryWhere = str_replace('</FilterItem>', '', $this->QueryWhere);
// if no 'order by' clause found, apply default sorting if specified
if ($this->DefaultSortField != '' && $this->QueryOrder == '') {
$this->QueryOrder = "order by " . $this->DefaultSortField . " " . $this->DefaultSortDirection;
}
// get count of matching records ...
$TempQuery = 'SELECT count(1) from ' . $this->QueryFrom . ' ' . $this->QueryWhere;
$RecordCount = sqlValue($TempQuery);
$FieldCountTV = count($this->QueryFieldsTV);
$FieldCountCSV = count($this->QueryFieldsCSV);
$FieldCountFilters = count($this->QueryFieldsFilters);
if (!$RecordCount) {
$FirstRecord = 1;
}
// Output CSV on request
if ($CSV_x != '') {
$this->HTML = '';
if (datalist_db_encoding == 'UTF-8') {
$this->HTML = "";
}
// BOM characters for UTF-8 output
// execute query for CSV output
$fieldList = '';
foreach ($this->QueryFieldsCSV as $fn => $fc) {
$fieldList .= "{$fn} as `{$fc}`, ";
}
$fieldList = substr($fieldList, 0, -2);
$csvQuery = 'SELECT ' . $fieldList . ' from ' . $this->QueryFrom . ' ' . $this->QueryWhere . ' ' . $this->QueryOrder;
// hook: table_csv
if (function_exists($this->TableName . '_csv')) {
$args = array();
$mq = call_user_func_array($this->TableName . '_csv', array($csvQuery, $mi, &$args));
$csvQuery = $mq ? $mq : $csvQuery;
}
$result = sql($csvQuery, $eo);
// output CSV field names
for ($i = 0; $i < $FieldCountCSV; $i++) {
$this->HTML .= "\"" . db_field_name($result, $i) . "\"" . $this->CSVSeparator;
}
$this->HTML .= "\n\n";
// output CSV data
while ($row = db_fetch_row($result)) {
for ($i = 0; $i < $FieldCountCSV; $i++) {
$this->HTML .= "\"" . str_replace(array("\r\n", "\r", "\n", '"'), array(' ', ' ', ' ', '""'), strip_tags($row[$i])) . "\"" . $this->CSVSeparator;
}
$this->HTML .= "\n\n";
}
$this->HTML = str_replace($this->CSVSeparator . "\n\n", "\n", $this->HTML);
$this->HTML = substr($this->HTML, 0, -1);
// clean any output buffers
while (@ob_end_clean()) {
}
// output CSV HTTP headers ...
header('HTTP/1.1 200 OK');
header('Date: ' . @date("D M j G:i:s T Y"));
header('Last-Modified: ' . @date("D M j G:i:s T Y"));
header("Content-Type: application/force-download");
header("Content-Length: " . (string) strlen($this->HTML));
header("Content-Transfer-Encoding: Binary");
header("Content-Disposition: attachment; filename={$this->TableName}.csv");
// send output and quit script
echo $this->HTML;
exit;
}
$t = time();
// just a random number for any purpose ...
// should SelectedID be reset on clicking TV buttons?
$resetSelection = $this->SeparateDV ? "document.myform.SelectedID.value = '';" : "document.myform.writeAttribute('novalidate', 'novalidate');";
if ($current_view == 'DV' && !$Embedded) {
$this->HTML .= '<div class="page-header">';
$this->HTML .= '<h1>';
$this->HTML .= '<a style="text-decoration: none; color: inherit;" href="' . $this->TableName . '_view.php"><img src="' . $this->TableIcon . '"> ' . $this->TableTitle . '</a>';
$this->HTML .= '</h1>';
$this->HTML .= '</div>';
}
// quick search and TV action buttons
if (!$this->HideTableView && !($dvprint_x && $this->AllowSelection && $SelectedID) && !$PrintDV) {
$buttons_all = $quick_search_html = '';
if ($Print_x == '') {
// display 'Add New' icon
if ($this->Permissions[1] && $this->SeparateDV) {
$buttons_all .= '<button type="submit" id="addNew" name="addNew_x" value="1" class="btn btn-success"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Add New'] . '</button>';
$buttonsCount++;
}
// display Print icon
if ($this->AllowPrinting) {
$buttons_all .= '<button onClick="document.myform.NoDV.value=1; ' . $resetSelection . ' return true;" type="submit" name="Print_x" id="Print" value="1" class="btn btn-default"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . '</button>';
$buttonsCount++;
}
// display CSV icon
if ($this->AllowCSV) {
$buttons_all .= '<button onClick="document.myform.NoDV.value=1; ' . $resetSelection . ' return true;" type="submit" name="CSV_x" id="CSV" value="1" class="btn btn-default"><i class="glyphicon glyphicon-download-alt"></i> ' . $Translation['CSV'] . '</button>';
$buttonsCount++;
}
// display Filter icon
if ($this->AllowFilters) {
$buttons_all .= '<button onClick="document.myform.NoDV.value=1; ' . $resetSelection . ' return true;" type="submit" name="Filter_x" id="Filter" value="1" class="btn btn-default"><i class="glyphicon glyphicon-filter"></i> ' . $Translation['filter'] . '</button>';
$buttonsCount++;
}
// display Show All icon
if ($this->AllowFilters) {
$buttons_all .= '<button onClick="document.myform.NoDV.value=1; ' . $resetSelection . ' return true;" type="submit" name="NoFilter_x" id="NoFilter" value="1" class="btn btn-default"><i class="glyphicon glyphicon-remove-circle"></i> ' . $Translation['Reset Filters'] . '</button>';
$buttonsCount++;
}
$quick_search_html .= '<div class="input-group" id="quick-search">';
$quick_search_html .= '<input type="text" name="SearchString" value="' . htmlspecialchars($SearchString, ENT_QUOTES, 'iso-8859-1') . '" class="form-control" placeholder="' . htmlspecialchars($this->QuickSearchText) . '">';
$quick_search_html .= '<span class="input-group-btn">';
$quick_search_html .= '<button name="Search_x" value="1" id="Search" type="submit" onClick="' . $resetSelection . ' document.myform.NoDV.value=1; return true;" class="btn btn-default" title="' . htmlspecialchars($this->QuickSearchText) . '"><i class="glyphicon glyphicon-search"></i></button>';
$quick_search_html .= '<button name="NoFilter_x" value="1" id="NoFilter_x" type="submit" onClick="' . $resetSelection . ' document.myform.NoDV.value=1; return true;" class="btn btn-default" title="' . htmlspecialchars($Translation['Reset Filters']) . '"><i class="glyphicon glyphicon-remove-circle"></i></button>';
$quick_search_html .= '</span>';
$quick_search_html .= '</div>';
} else {
$buttons_all .= '<button class="btn btn-primary" type="button" id="sendToPrinter" onClick="window.print();"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print'] . '</button>';
$buttons_all .= '<button class="btn btn-default" type="submit"><i class="glyphicon glyphicon-remove-circle"></i> ' . $Translation['Cancel Printing'] . '</button>';
}
/* if user can print DV, add action to 'More' menu */
$selected_records_more = array();
if ($AllowPrintDV) {
$selected_records_more[] = array('function' => $this->SeparateDV ? 'print_multiple_dv_sdv' : 'print_multiple_dv_tvdv', 'title' => $Translation['Print Preview Detail View'], 'icon' => 'print');
}
/* if user can mass-delete selected records, add action to 'More' menu */
if ($this->AllowMassDelete && $this->AllowDelete) {
$selected_records_more[] = array('function' => 'mass_delete', 'title' => $Translation['Delete'], 'icon' => 'trash', 'class' => 'text-danger');
}
/* if user is admin, add 'Change owner' action to 'More' menu */
/* also, add help link for adding more actions */
if ($mi['admin']) {
$selected_records_more[] = array('function' => 'mass_change_owner', 'title' => $Translation['Change owner'], 'icon' => 'user');
$selected_records_more[] = array('function' => 'add_more_actions_link', 'title' => $Translation['Add more actions'], 'icon' => 'question-sign', 'class' => 'text-info');
}
/* user-defined actions ... should be set in the {tablename}_batch_actions() function in hooks/{tablename}.php */
$user_actions = array();
if (function_exists($this->TableName . '_batch_actions')) {
$args = array();
$user_actions = call_user_func_array($this->TableName . '_batch_actions', array(&$args));
if (is_array($user_actions) && count($user_actions)) {
$selected_records_more = array_merge($selected_records_more, $user_actions);
}
}
$actual_more_count = 0;
$more_menu = $more_menu_js = '';
if (count($selected_records_more)) {
$more_menu .= '<button type="button" class="btn btn-default dropdown-toggle" data-toggle="dropdown" id="selected_records_more"><i class="glyphicon glyphicon-check"></i> ' . $Translation['More'] . ' <span class="caret"></span></button>';
$more_menu .= '<ul class="dropdown-menu" role="menu">';
foreach ($selected_records_more as $action) {
if (!$action['function'] || !$action['title']) {
continue;
}
$action['class'] = !isset($action['class']) ? '' : $action['class'];
$action['icon'] = !isset($action['icon']) ? '' : $action['icon'];
$actual_more_count++;
$more_menu .= '<li>' . '<a href="#" id="selected_records_' . $action['function'] . '">' . '<span class="' . $action['class'] . '">' . ($action['icon'] ? '<i class="glyphicon glyphicon-' . $action['icon'] . '"></i> ' : '') . $action['title'] . '</span>' . '</a>' . '</li>';
// on clicking an action, call its js handler function, passing the current table name and an array of selected IDs to it
$more_menu_js .= "jQuery('[id=selected_records_{$action['function']}]').click(function(){ {$action['function']}('{$this->TableName}', get_selected_records_ids()); return false; });";
}
$more_menu .= '</ul>';
}
if ($Embedded) {
$this->HTML .= '<script>$j(function(){ $j(\'[id^=notification-]\').parent().css({\'margin-top\': \'15px\', \'margin-bottom\': \'0\'}); })</script>';
} else {
$this->HTML .= '<div class="page-header">';
$this->HTML .= '<h1>';
$this->HTML .= '<div class="row">';
$this->HTML .= '<div class="col-sm-8">';
$this->HTML .= '<a style="text-decoration: none; color: inherit;" href="' . $this->TableName . '_view.php"><img src="' . $this->TableIcon . '"> ' . $this->TableTitle . '</a>';
$this->HTML .= '</div>';
if ($this->QuickSearch) {
$this->HTML .= '<div class="col-sm-4">';
$this->HTML .= $quick_search_html;
$this->HTML .= '</div>';
}
$this->HTML .= '</div>';
$this->HTML .= '</h1>';
$this->HTML .= '</div>';
$this->HTML .= '<div id="top_buttons" class="hidden-print">';
/* .all_records: container for buttons that don't need a selection */
/* .selected_records: container for buttons that need a selection */
$this->HTML .= '<div class="btn-group btn-group-lg visible-md visible-lg all_records pull-left">' . $buttons_all . '</div>';
$this->HTML .= '<div class="btn-group btn-group-lg visible-md visible-lg selected_records hidden pull-left hspacer-lg">' . $buttons_selected . ($actual_more_count ? $more_menu : '') . '</div>';
$this->HTML .= '<div class="btn-group-vertical btn-group-lg visible-xs visible-sm all_records">' . $buttons_all . '</div>';
$this->HTML .= '<div class="btn-group-vertical btn-group-lg visible-xs visible-sm selected_records hidden vspacer-lg">' . $buttons_selected . ($actual_more_count ? $more_menu : '') . '</div>';
$this->HTML .= '<div class="clearfix"></div><p></p>';
$this->HTML .= '</div>';
}
if ($Print_x != '') {
/* fix top margin for print-preview */
$this->HTML .= '<style>body{ padding-top: 0 !important; }</style>';
/* disable links inside table body to prevent printing their href */
$this->HTML .= '<script>jQuery(function(){ jQuery("tbody a").removeAttr("href").removeAttr("rel"); });</script>';
}
// script for focusing into the search box on loading the page
// and for declaring record action handlers
$this->HTML .= '<script>jQuery(function(){ jQuery("input[name=SearchString]").focus(); ' . $more_menu_js . ' });</script>';
}
// begin table and display table title
if (!$this->HideTableView && !($dvprint_x && $this->AllowSelection && $SelectedID) && !$PrintDV && !$Embedded) {
$this->HTML .= '<div class="table-responsive"><table class="table table-striped table-bordered table-hover">';
$this->HTML .= '<thead><tr>';
if (!$Print_x) {
$this->HTML .= '<th style="width: 18px;" class="text-center"><input class="hidden-print" type="checkbox" title="' . htmlspecialchars($Translation['Select all records']) . '" id="select_all_records"></th>';
}
// Templates
if ($this->Template != '') {
$rowTemplate = @implode('', @file('./' . $this->Template));
if (!$rowTemplate) {
$rowTemplate = '';
$selrowTemplate = '';
} else {
if ($this->SelectedTemplate != '') {
$selrowTemplate = @implode('', @file('./' . $this->SelectedTemplate));
if (!$selrowTemplate) {
$selrowTemplate = '';
}
} else {
$selrowTemplate = '';
}
}
} else {
$rowTemplate = '';
$selrowTemplate = '';
}
// process translations
if ($rowTemplate) {
foreach ($Translation as $symbol => $trans) {
$rowTemplate = str_replace("<%%TRANSLATION({$symbol})%%>", $trans, $rowTemplate);
}
}
if ($selrowTemplate) {
foreach ($Translation as $symbol => $trans) {
$selrowTemplate = str_replace("<%%TRANSLATION({$symbol})%%>", $trans, $selrowTemplate);
}
}
// End of templates
// $this->ccffv: map $FilterField values to field captions as stored in ColCaption
$this->ccffv = array();
foreach ($this->ColCaption as $captionIndex => $caption) {
$ffv = 1;
foreach ($this->QueryFieldsFilters as $uselessKey => $filterCaption) {
if ($caption == $filterCaption) {
$this->ccffv[$captionIndex] = $ffv;
}
$ffv++;
}
}
// display table headers
$totalColWidth = array_sum($this->ColWidth);
$forceHeaderWidth = false;
if ($rowTemplate == '' || $this->ShowTableHeader) {
for ($i = 0; $i < count($this->ColCaption); $i++) {
/* Sorting icon and link */
$sort1 = $sort2 = $filterHint = '';
if ($this->AllowSorting == 1) {
if ($current_view != 'TVP') {
$sort1 = "<a href=\"{$this->ScriptFileName}?SortDirection=asc&SortField=" . $this->ColNumber[$i] . "\" onClick=\"{$resetSelection} document.myform.NoDV.value=1; document.myform.SortDirection.value='asc'; document.myform.SortField.value = '" . $this->ColNumber[$i] . "'; document.myform.submit(); return false;\" class=\"TableHeader\">";
$sort2 = "</a>";
}
if ($this->ColNumber[$i] == $SortField) {
$SortDirection = $SortDirection == "asc" ? "desc" : "asc";
if ($current_view != 'TVP') {
$sort1 = "<a href=\"{$this->ScriptFileName}?SortDirection={$SortDirection}&SortField=" . $this->ColNumber[$i] . "\" onClick=\"{$resetSelection} document.myform.NoDV.value=1; document.myform.SortDirection.value='{$SortDirection}'; document.myform.SortField.value = " . $this->ColNumber[$i] . "; document.myform.submit(); return false;\" class=\"TableHeader\">";
}
$sort2 = " <i class=\"text-warning glyphicon glyphicon-sort-by-attributes" . ($SortDirection == 'desc' ? '' : '-alt') . "\"></i>{$sort2}";
$SortDirection = $SortDirection == "asc" ? "desc" : "asc";
}
} else {
$sort1 = '';
$sort2 = '';
}
/* Filtering icon and hint */
if ($this->AllowFilters && is_array($FilterField)) {
// check to see if there is any filter applied on the current field
if (isset($this->ccffv[$i]) && in_array($this->ccffv[$i], $FilterField)) {
// render filter icon
$filterHint = ' <button type="submit" class="btn btn-default btn-xs' . ($current_view == 'TVP' ? ' disabled' : '') . '" name="Filter_x" value="1" title="' . htmlspecialchars($Translation['filtered field']) . '"><i class="glyphicon glyphicon-filter"></i></button>';
}
}
$this->HTML .= "\t<th class=\"{$this->TableName}-{$this->ColFieldName[$i]}\" " . ($forceHeaderWidth ? ' style="width: ' . ($this->ColWidth[$i] ? $this->ColWidth[$i] : 100) . 'px;"' : '') . ">{$sort1}{$this->ColCaption[$i]}{$sort2}{$filterHint}</th>\n";
}
} else {
// Display a Sort by drop down
$this->HTML .= "\t<th><td colspan=" . (count($this->ColCaption) + 1) . ">";
if ($this->AllowSorting == 1) {
$sortCombo = new Combo();
for ($i = 0; $i < count($this->ColCaption); $i++) {
$sortCombo->ListItem[] = $this->ColCaption[$i];
$sortCombo->ListData[] = $this->ColNumber[$i];
}
$sortCombo->SelectName = "FieldsList";
$sortCombo->SelectedData = $SortField;
$sortCombo->Class = 'TableBody';
$sortCombo->SelectedClass = 'TableBodySelected';
$sortCombo->Render();
$d = $sortCombo->HTML;
$d = str_replace('<select ', "<select onChange=\"document.myform.SortDirection.value='{$SortDirection}'; document.myform.SortField.value=document.myform.FieldsList.value; document.myform.NoDV.value=1; document.myform.submit();\" ", $d);
if ($SortField) {
$SortDirection = $SortDirection == "desc" ? "asc" : "desc";
$sort = "<a href=\"javascript: document.myform.NoDV.value=1; document.myform.SortDirection.value='{$SortDirection}'; document.myform.SortField.value='{$SortField}'; document.myform.submit();\" class=TableHeader><img src={$SortDirection}.gif border=0 width=11 height=11 hspace=3></a>";
$SortDirection = $SortDirection == "desc" ? "asc" : "desc";
} else {
$sort = '';
}
$this->HTML .= $Translation['order by'] . " {$d} {$sort}";
}
$this->HTML .= "</td></th>\n";
}
// table view navigation code ...
if ($RecordCount && $this->AllowNavigation && $RecordCount > $this->RecordsPerPage) {
while ($FirstRecord > $RecordCount) {
$FirstRecord -= $this->RecordsPerPage;
}
if ($FirstRecord == '' || $FirstRecord < 1) {
$FirstRecord = 1;
}
if ($Previous_x != '') {
$FirstRecord -= $this->RecordsPerPage;
if ($FirstRecord <= 0) {
$FirstRecord = 1;
}
} elseif ($Next_x != '') {
$FirstRecord += $this->RecordsPerPage;
if ($FirstRecord > $RecordCount) {
$FirstRecord = $RecordCount - $RecordCount % $this->RecordsPerPage + 1;
}
if ($FirstRecord > $RecordCount) {
$FirstRecord = $RecordCount - $this->RecordsPerPage + 1;
}
if ($FirstRecord <= 0) {
$FirstRecord = 1;
}
}
} elseif ($RecordCount) {
$FirstRecord = 1;
$this->RecordsPerPage = 2000;
// a limit on max records in print preview to avoid performance drops
}
// end of table view navigation code
$this->HTML .= "\n\t</tr>\n\n</thead>\n\n<tbody><!-- tv data below -->\n";
$i = 0;
$hc = new CI_Input();
$hc->charset = datalist_db_encoding;
if ($RecordCount) {
$i = $FirstRecord;
// execute query for table view
$fieldList = '';
foreach ($this->QueryFieldsTV as $fn => $fc) {
$fieldList .= "{$fn} as `{$fc}`, ";
}
$fieldList = substr($fieldList, 0, -2);
if ($this->PrimaryKey) {
$fieldList .= ", {$this->PrimaryKey} as '" . str_replace('`', '', $this->PrimaryKey) . "'";
}
$tvQuery = 'SELECT ' . $fieldList . ' from ' . $this->QueryFrom . ' ' . $this->QueryWhere . ' ' . $this->QueryOrder;
$result = sql($tvQuery . " limit " . ($i - 1) . ",{$this->RecordsPerPage}", $eo);
while (($row = db_fetch_array($result)) && $i < $FirstRecord + $this->RecordsPerPage) {
$attr_id = htmlspecialchars($row[$FieldCountTV], ENT_QUOTES, 'iso-8859-1');
/* pk value suitable for inserting into html tag attributes */
$js_id = addslashes($row[$FieldCountTV]);
/* pk value suitable for inserting into js strings */
$alt = ($i - $FirstRecord) % 2;
if (($PrintTV || $Print_x) && count($_POST['record_selector']) && !in_array($row[$FieldCountTV], $_POST['record_selector'])) {
continue;
}
$class = "TableBody" . ($alt ? 'Selected' : '') . ($fNumeric ? 'Numeric' : '');
if ($Print_x != '') {
$this->HTML .= '<tr>';
}
if (!$Print_x) {
$this->HTML .= $SelectedID == $row[$FieldCountTV] ? '<tr class="active">' : '<tr>';
$checked = is_array($_POST['record_selector']) && in_array($row[$FieldCountTV], $_POST['record_selector']) ? ' checked' : '';
$this->HTML .= "<td class=\"text-center\"><input class=\"hidden-print record_selector\" type=\"checkbox\" id=\"record_selector_{$attr_id}\" name=\"record_selector[]\" value=\"{$attr_id}\"{$checked}></td>";
}
// templates
if ($rowTemplate != '') {
if ($this->AllowSelection == 1 && $SelectedID == $row[$FieldCountTV] && $selrowTemplate != '') {
$rowTemp = $selrowTemplate;
} else {
$rowTemp = $rowTemplate;
}
if ($this->AllowSelection == 1 && $SelectedID != $row[$FieldCountTV]) {
$rowTemp = str_replace('<%%SELECT%%>', "<a onclick=\"document.myform.SelectedField.value=this.parentNode.cellIndex; document.myform.SelectedID.value='" . addslashes($row[$FieldCountTV]) . "'; document.myform.submit(); return false;\" href=\"{$this->ScriptFileName}?SelectedID=" . htmlspecialchars($row[$FieldCountTV], ENT_QUOTES) . "\" class=\"{$class}\" style=\"display: block; padding:0px;\">", $rowTemp);
$rowTemp = str_replace('<%%ENDSELECT%%>', '</a>', $rowTemp);
} else {
$rowTemp = str_replace('<%%SELECT%%>', '', $rowTemp);
$rowTemp = str_replace('<%%ENDSELECT%%>', '', $rowTemp);
}
for ($j = 0; $j < $FieldCountTV; $j++) {
$fieldTVCaption = current(array_slice($this->QueryFieldsTV, $j, 1));
$fd = $hc->xss_clean(nl2br($row[$j]));
/* Sanitize output against XSS attacks */
/*
the TV template could contain field placeholders in the format
<%%FIELD_n%%> or <%%VALUE(Field name)%%>
*/
$rowTemp = str_replace("<%%FIELD_{$j}%%>", thisOr($fd), $rowTemp);
$rowTemp = str_replace("<%%VALUE({$fieldTVCaption})%%>", thisOr($fd), $rowTemp);
if (strpos($rowTemp, "<%%YOUTUBETHUMB({$fieldTVCaption})%%>") !== false) {
$rowTemp = str_replace("<%%YOUTUBETHUMB({$fieldTVCaption})%%>", thisOr(get_embed('youtube', $fd, '', '', 'thumbnail_url'), 'blank.gif'), $rowTemp);
}
if (strpos($rowTemp, "<%%GOOGLEMAPTHUMB({$fieldTVCaption})%%>") !== false) {
$rowTemp = str_replace("<%%GOOGLEMAPTHUMB({$fieldTVCaption})%%>", thisOr(get_embed('googlemap', $fd, '', '', 'thumbnail_url'), 'blank.gif'), $rowTemp);
}
if (thisOr($fd) == ' ' && preg_match('/<a href=".*? .*?<\\/a>/i', $rowTemp, $m)) {
$rowTemp = str_replace($m[0], '', $rowTemp);
}
}
if ($alt && $SelectedID != $row[$FieldCountTV]) {
$rowTemp = str_replace("TableBody", "TableBodySelected", $rowTemp);
$rowTemp = str_replace("TableBodyNumeric", "TableBodySelectedNumeric", $rowTemp);
$rowTemp = str_replace("SelectedSelected", "Selected", $rowTemp);
}
if ($SearchString != '') {
$rowTemp = highlight($SearchString, $rowTemp);
}
$this->HTML .= $rowTemp;
$rowTemp = '';
} else {
// end of templates
for ($j = 0; $j < $FieldCountTV; $j++) {
$fType = db_field_type($result, $j);
$fNumeric = stristr($fType, 'int') || stristr($fType, 'float') || stristr($fType, 'decimal') || stristr($fType, 'numeric') || stristr($fType, 'real') || stristr($fType, 'double') ? true : false;
if ($this->AllowSelection == 1) {
$sel1 = "<a href=\"{$this->ScriptFileName}?SelectedID=" . htmlspecialchars($row[$FieldCountTV], ENT_QUOTES) . "\" onclick=\"document.myform.SelectedID.value='" . addslashes($row[$FieldCountTV]) . "'; document.myform.submit(); return false;\" class=\"{$class}\" style=\"padding:0px;\">";
$sel2 = "</a>";
} else {
$sel1 = '';
$sel2 = '';
}
$this->HTML .= "<td valign=top class={$class}><div class={$class}> {$sel1}" . $row[$j] . "{$sel2} </div></td>";
}
}
$this->HTML .= "</tr>\n";
$i++;
}
$i--;
}
$this->HTML = preg_replace("/<a href=\"(mailto:)? [^\n]*title=\" \"><\\/a>/", ' ', $this->HTML);
$this->HTML = preg_replace("/<a [^>]*>( )*<\\/a>/", ' ', $this->HTML);
$this->HTML = preg_replace("/<%%.*%%>/U", ' ', $this->HTML);
// end of data
$this->HTML .= '<!-- tv data above -->';
$this->HTML .= "\n</tbody>";
if ($Print_x == '') {
// TV
$pagesMenu = '';
if ($RecordCount > $this->RecordsPerPage) {
$pagesMenuId = "{$this->TableName}_pagesMenu";
$pagesMenu = $Translation['go to page'] . ' <select class="input-sm" id="' . $pagesMenuId . '" onChange="document.myform.writeAttribute(\'novalidate\', \'novalidate\'); document.myform.NoDV.value=1; document.myform.FirstRecord.value=(this.value * ' . $this->RecordsPerPage . '+1); document.myform.submit();">';
$pagesMenu .= '</select>';
$pagesMenu .= '<script>';
$pagesMenu .= 'var lastPage = ' . (ceil($RecordCount / $this->RecordsPerPage) - 1) . ';';
$pagesMenu .= 'var currentPage = ' . ($FirstRecord - 1) / $this->RecordsPerPage . ';';
$pagesMenu .= 'var pagesMenu = document.getElementById("' . $pagesMenuId . '");';
$pagesMenu .= 'var lump = ' . datalist_max_page_lump . ';';
$pagesMenu .= 'if(lastPage <= lump * 3){';
$pagesMenu .= ' addPageNumbers(0, lastPage);';
$pagesMenu .= '}else{';
$pagesMenu .= ' addPageNumbers(0, lump - 1);';
$pagesMenu .= ' if(currentPage < lump) addPageNumbers(lump, currentPage + lump / 2);';
$pagesMenu .= ' if(currentPage >= lump && currentPage < (lastPage - lump)){';
$pagesMenu .= ' addPageNumbers(';
$pagesMenu .= ' Math.max(currentPage - lump / 2, lump),';
$pagesMenu .= ' Math.min(currentPage + lump / 2, lastPage - lump - 1)';
$pagesMenu .= ' );';
$pagesMenu .= ' }';
$pagesMenu .= ' if(currentPage >= (lastPage - lump)) addPageNumbers(currentPage - lump / 2, lastPage - lump - 1);';
$pagesMenu .= ' addPageNumbers(lastPage - lump, lastPage);';
$pagesMenu .= '}';
$pagesMenu .= 'function addPageNumbers(fromPage, toPage){';
$pagesMenu .= ' var ellipsesIndex = 0;';
$pagesMenu .= ' if(fromPage > toPage) return;';
$pagesMenu .= ' if(fromPage > 0){';
$pagesMenu .= ' if(pagesMenu.options[pagesMenu.options.length - 1].text != fromPage){';
$pagesMenu .= ' ellipsesIndex = pagesMenu.options.length;';
$pagesMenu .= ' fromPage--;';
$pagesMenu .= ' }';
$pagesMenu .= ' }';
$pagesMenu .= ' for(i = fromPage; i <= toPage; i++){';
$pagesMenu .= ' var option = document.createElement("option");';
$pagesMenu .= ' option.text = (i + 1);';
$pagesMenu .= ' option.value = i;';
$pagesMenu .= ' if(i == currentPage){ option.selected = "selected"; }';
$pagesMenu .= ' try{';
$pagesMenu .= ' /* for IE earlier than version 8 */';
$pagesMenu .= ' pagesMenu.add(option, pagesMenu.options[null]);';
$pagesMenu .= ' }catch(e){';
$pagesMenu .= ' pagesMenu.add(option, null);';
$pagesMenu .= ' }';
$pagesMenu .= ' }';
$pagesMenu .= ' if(ellipsesIndex > 0){';
$pagesMenu .= ' pagesMenu.options[ellipsesIndex].text = " ... ";';
$pagesMenu .= ' }';
$pagesMenu .= '}';
$pagesMenu .= '</script>';
}
$this->HTML .= "\n\t";
if ($i) {
// 1 or more records found
$this->HTML .= "<tfoot><tr><td colspan=" . (count($this->ColCaption) + 1) . '>';
$this->HTML .= $Translation['records x to y of z'];
$this->HTML .= '</td></tr></tfoot>';
}
if (!$i) {
// no records found
$this->HTML .= "<tfoot><tr><td colspan=" . (count($this->ColCaption) + 1) . '>';
$this->HTML .= '<div class="alert alert-warning">';
$this->HTML .= '<i class="glyphicon glyphicon-warning-sign"></i> ';
$this->HTML .= $Translation['No matches found!'];
$this->HTML .= '</div>';
$this->HTML .= '</td></tr></tfoot>';
}
} else {
// TVP
if ($i) {
$this->HTML .= "\n\t<tfoot><tr><td colspan=" . (count($this->ColCaption) + 1) . '>' . $Translation['records x to y of z'] . '</td></tr></tfoot>';
}
if (!$i) {
$this->HTML .= "\n\t<tfoot><tr><td colspan=" . (count($this->ColCaption) + 1) . '>' . $Translation['No matches found!'] . '</td></tr></tfoot>';
}
}
$this->HTML = str_replace("<FirstRecord>", number_format($FirstRecord), $this->HTML);
$this->HTML = str_replace("<LastRecord>", number_format($i), $this->HTML);
$this->HTML = str_replace("<RecordCount>", number_format($RecordCount), $this->HTML);
$tvShown = true;
$this->HTML .= "</table></div>\n";
if ($Print_x == '' && $i) {
// TV
$this->HTML .= '<div class="row">';
$this->HTML .= '<div class="col-sm-4 col-md-3 col-lg-2 vspacer-lg">';
$this->HTML .= '<button onClick="' . $resetSelection . ' document.myform.NoDV.value = 1; return true;" type="submit" name="Previous_x" id="Previous" value="1" class="btn btn-default btn-block"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Previous'] . '</button>';
$this->HTML .= '</div>';
$this->HTML .= '<div class="col-sm-4 col-md-4 col-lg-2 col-md-offset-1 col-lg-offset-3 text-center vspacer-lg">';
$this->HTML .= $pagesMenu;
$this->HTML .= '</div>';
$this->HTML .= '<div class="col-sm-4 col-md-3 col-lg-2 col-md-offset-1 col-lg-offset-3 text-right vspacer-lg">';
$this->HTML .= '<button onClick="' . $resetSelection . ' document.myform.NoDV.value=1; return true;" type="submit" name="Next_x" id="Next" value="1" class="btn btn-default btn-block">' . $Translation['Next'] . ' <i class="glyphicon glyphicon-chevron-right"></i></button>';
$this->HTML .= '</div>';
$this->HTML .= '</div>';
}
}
/* that marks the end of the TV table */
// hidden variables ....
foreach ($this->filterers as $filterer => $caption) {
if ($_REQUEST['filterer_' . $filterer] != '') {
$this->HTML .= "<input name=\"filterer_{$filterer}\" value=\"" . htmlspecialchars($_REQUEST['filterer_' . $filterer], ENT_QUOTES, 'iso-8859-1') . "\" type=\"hidden\" />";
break;
// currently, only one filterer can be applied at a time
}
}
$this->HTML .= '<input name="SortField" value="' . $SortField . '" type="hidden">';
$this->HTML .= '<input name="SelectedID" value="' . htmlspecialchars($SelectedID, ENT_QUOTES, 'iso-8859-1') . '" type="hidden">';
$this->HTML .= '<input name="SelectedField" value="" type="hidden">';
$this->HTML .= '<input name="SortDirection" type="hidden" value="' . $SortDirection . '">';
$this->HTML .= '<input name="FirstRecord" type="hidden" value="' . $FirstRecord . '">';
$this->HTML .= '<input name="NoDV" type="hidden" value="">';
$this->HTML .= '<input name="PrintDV" type="hidden" value="">';
if ($this->QuickSearch && !strpos($this->HTML, 'SearchString')) {
$this->HTML .= '<input name="SearchString" type="hidden" value="' . htmlspecialchars($SearchString, ENT_QUOTES, 'iso-8859-1') . '">';
}
// hidden variables: filters ...
$FiltersCode = '';
for ($i = 1; $i <= datalist_filters_count * $FiltersPerGroup; $i++) {
// Number of filters allowed
if ($i % $FiltersPerGroup == 1 && $i != 1 && $FilterAnd[$i] != '') {
$FiltersCode .= "<input name=\"FilterAnd[{$i}]\" value=\"{$FilterAnd[$i]}\" type=\"hidden\">\n";
}
if ($FilterField[$i] != '' && $FilterOperator[$i] != '' && ($FilterValue[$i] != '' || strpos($FilterOperator[$i], 'empty'))) {
if (!strstr($FiltersCode, "<input name=\"FilterAnd[{$i}]\" value=")) {
$FiltersCode .= "<input name=\"FilterAnd[{$i}]\" value=\"{$FilterAnd[$i]}\" type=\"hidden\">\n";
}
$FiltersCode .= "<input name=\"FilterField[{$i}]\" value=\"{$FilterField[$i]}\" type=\"hidden\">\n";
$FiltersCode .= "<input name=\"FilterOperator[{$i}]\" value=\"{$FilterOperator[$i]}\" type=\"hidden\">\n";
$FiltersCode .= "<input name=\"FilterValue[{$i}]\" value=\"" . htmlspecialchars($FilterValue[$i], ENT_QUOTES, 'iso-8859-1') . "\" type=\"hidden\">\n";
}
}
$FiltersCode .= "<input name=\"DisplayRecords\" value=\"{$DisplayRecords}\" type=\"hidden\" />";
$this->HTML .= $FiltersCode;
// display details form ...
if (($this->AllowSelection || $this->AllowInsert || $this->AllowUpdate || $this->AllowDelete) && $Print_x == '' && !$PrintDV) {
if ($this->SeparateDV && $this->HideTableView || !$this->SeparateDV) {
$dvCode = call_user_func("{$this->TableName}_form", $SelectedID, $this->AllowUpdate, $this->HideTableView && $SelectedID ? 0 : $this->AllowInsert, $this->AllowDelete, $this->SeparateDV);
$this->HTML .= "\n\t<div class=\"panel panel-default detail_view\">{$dvCode}</div>";
$this->HTML .= $this->SeparateDV ? '<input name="SearchString" value="' . htmlspecialchars($SearchString, ENT_QUOTES, 'iso-8859-1') . '" type="hidden">' : '';
if ($dvCode) {
$this->ContentType = 'detailview';
$dvShown = true;
}
}
}
// display multiple printable detail views
if ($PrintDV) {
$dvCode = '';
$_POST['dvprint_x'] = $_GET['dvprint_x'] = $_REQUEST['dvprint_x'] = 1;
// hidden vars
foreach ($this->filterers as $filterer => $caption) {
if ($_REQUEST['filterer_' . $filterer] != '') {
$this->HTML .= "<input name=\"filterer_{$filterer}\" value=\"" . htmlspecialchars($_REQUEST['filterer_' . $filterer], ENT_QUOTES, 'iso-8859-1') . "\" type=\"hidden\" />";
break;
// currently, only one filterer can be applied at a time
}
}
// count selected records
$selectedRecords = 0;
if (is_array($_POST['record_selector'])) {
foreach ($_POST['record_selector'] as $id) {
$selectedRecords++;
$this->HTML .= '<input type="hidden" name="record_selector[]" value="' . htmlspecialchars($id, ENT_QUOTES, 'iso-8859-1') . '">' . "\n";
}
}
if ($selectedRecords && $selectedRecords <= datalist_max_records_dv_print) {
// if records selected > {datalist_max_records_dv_print} don't show DV preview to avoid db performance issues.
foreach ($_POST['record_selector'] as $id) {
$dvCode .= call_user_func($this->TableName . '_form', $id, 0, 0, 0, 1);
}
if ($dvCode != '') {
$dvCode = preg_replace('/<input .*?type="?image"?.*?>/', '', $dvCode);
$this->HTML .= $dvCode;
}
} else {
$this->HTML .= error_message($Translation['Maximum records allowed to enable this feature is'] . ' ' . datalist_max_records_dv_print);
$this->HTML .= '<input type="submit" class="print-button" value="' . $Translation['Print Preview Table View'] . '">';
}
}
$this->HTML .= "</form>";
$this->HTML .= '</div><div class="col-xs-1 md-hidden lg-hidden"></div></div>';
// $this->HTML .= '<font face="garamond">'.htmlspecialchars($tvQuery).'</font>'; // uncomment this line for debugging the table view query
if ($dvShown && $tvShown) {
$this->ContentType = 'tableview+detailview';
}
if ($dvprint_x != '') {
$this->ContentType = 'print-detailview';
}
if ($Print_x != '') {
$this->ContentType = 'print-tableview';
}
if ($PrintDV != '') {
$this->ContentType = 'print-detailview';
}
// call detail view javascript hook file if found
$dvJSHooksFile = dirname(__FILE__) . '/hooks/' . $this->TableName . '-dv.js';
if (is_file($dvJSHooksFile) && ($this->ContentType == 'detailview' || $this->ContentType == 'tableview+detailview')) {
$this->HTML .= "\n<script src=\"hooks/{$this->TableName}-dv.js\"></script>\n";
}
}
$currDir = dirname(__FILE__);
include "{$currDir}/defaultLang.php";
include "{$currDir}/language.php";
include "{$currDir}/lib.php";
/**
* dynamic configuration based on current user's permissions
* $userPCConfig array is populated only with parent tables where the user has access to
* at least one child table
*/
$userPCConfig = array();
foreach ($pcConfig as $pcChildTable => $ChildrenLookups) {
$permChild = getTablePermissions($pcChildTable);
if ($permChild[2]) {
// user can view records of the child table, so proceed to check children lookups
foreach ($ChildrenLookups as $ChildLookupField => $ChildConfig) {
$permParent = getTablePermissions($ChildConfig['parent-table']);
if ($permParent[2]) {
// user can view records of parent table
$userPCConfig[$pcChildTable][$ChildLookupField] = $pcConfig[$pcChildTable][$ChildLookupField];
// show add new only if configured above AND the user has insert permission
if ($permChild[1] && $pcConfig[$pcChildTable][$ChildLookupField]['display-add-new']) {
$userPCConfig[$pcChildTable][$ChildLookupField]['display-add-new'] = true;
} else {
$userPCConfig[$pcChildTable][$ChildLookupField]['display-add-new'] = false;
}
}
}
}
}
/* Receive, UTF-convert, and validate parameters */
$ParentTable = $_REQUEST['ParentTable'];
$table_name = $_REQUEST['t'];
$field_name = $_REQUEST['f'];
$search_id = makeSafe(iconv('UTF-8', datalist_db_encoding, $_REQUEST['id']));
$selected_text = iconv('UTF-8', datalist_db_encoding, $_REQUEST['text']);
$returnOptions = $_REQUEST['o'] == 1 ? true : false;
$page = intval($_REQUEST['p']);
if ($page < 1) {
$page = 1;
}
$skip = $results_per_page * ($page - 1);
$search_term = makeSafe(iconv('UTF-8', datalist_db_encoding, $_REQUEST['s']));
if (!isset($lookups[$table_name][$field_name])) {
die('{ "error": "Invalid table or field." }');
}
// can user access the requested table?
$perm = getTablePermissions($table_name);
if (!$perm[0] && !$search_id) {
die('{ "error": "' . addslashes($Translation['tableAccessDenied']) . '" }');
}
$field = $lookups[$table_name][$field_name];
$wheres = array();
// search term provided?
if ($search_term) {
$wheres[] = "{$field['parent_caption']} like '%{$search_term}%'";
}
// any filterers specified?
if (is_array($field['filterers'])) {
foreach ($field['filterers'] as $filterer => $filterer_parent) {
$get = isset($_REQUEST["filterer_{$filterer}"]) ? $_REQUEST["filterer_{$filterer}"] : false;
if ($get) {
$wheres[] = "`{$field['parent_table']}`.`{$filterer_parent}`='" . makeSafe($get) . "'";
function submitlog_form($selected_id = '', $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0)
{
// function to return an editable form for a table records
// and fill it with data of record whose ID is $selected_id. If $selected_id
// is empty, an empty form is shown, with only an 'Add New'
// button displayed.
global $Translation;
// mm: get table permissions
$arrPerm = getTablePermissions('submitlog');
if (!$arrPerm[1] && $selected_id == '') {
return '';
}
$AllowInsert = $arrPerm[1] ? true : false;
// print preview?
$dvprint = false;
if ($selected_id && $_REQUEST['dvprint_x'] != '') {
$dvprint = true;
}
// populate filterers, starting from children to grand-parents
// unique random identifier
$rnd1 = $dvprint ? rand(1000000, 9999999) : '';
// combobox: pdate
$combo_pdate = new DateCombo();
$combo_pdate->DateFormat = "mdy";
$combo_pdate->MinYear = 1900;
$combo_pdate->MaxYear = 2100;
$combo_pdate->DefaultDate = parseMySQLDate('', '');
$combo_pdate->MonthNames = $Translation['month names'];
$combo_pdate->NamePrefix = 'pdate';
if ($selected_id) {
// mm: check member permissions
if (!$arrPerm[2]) {
return "";
}
// mm: who is the owner?
$ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='submitlog' and pkValue='" . makeSafe($selected_id) . "'");
$ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='submitlog' and pkValue='" . makeSafe($selected_id) . "'");
if ($arrPerm[2] == 1 && getLoggedMemberID() != $ownerMemberID) {
return "";
}
if ($arrPerm[2] == 2 && getLoggedGroupID() != $ownerGroupID) {
return "";
}
// can edit?
if ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[3] == 3) {
$AllowUpdate = 1;
} else {
$AllowUpdate = 0;
}
$res = sql("select * from `submitlog` where `submid`='" . makeSafe($selected_id) . "'", $eo);
if (!($row = db_fetch_array($res))) {
return error_message($Translation['No records found']);
}
$urow = $row;
/* unsanitized data */
$hc = new CI_Input();
$row = $hc->xss_clean($row);
/* sanitize data */
$combo_pdate->DefaultDate = $row['pdate'];
} else {
}
// code for template based detail view forms
// open the detail view template
$templateCode = @file_get_contents('./templates/submitlog_templateDV.html');
// process form title
$templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Filtered Submissions', $templateCode);
$templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode);
$templateCode = str_replace('<%%EMBEDDED%%>', $_REQUEST['Embedded'] ? 'Embedded=1' : '', $templateCode);
// process buttons
if ($arrPerm[1] && !$selected_id) {
// allow insert and no record selected?
if (!$selected_id) {
$templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-success" id="insert" name="insert_x" value="1" onclick="return submitlog_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save New'] . '</button>', $templateCode);
}
$templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="insert" name="insert_x" value="1" onclick="return submitlog_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save As Copy'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode);
}
// 'Back' button action
if ($_REQUEST['Embedded']) {
$backAction = 'window.parent.jQuery(\'.modal\').modal(\'hide\'); return false;';
} else {
$backAction = '$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;';
}
if ($selected_id) {
if ($AllowUpdate) {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<button type="submit" class="btn btn-success btn-lg" id="update" name="update_x" value="1" onclick="return submitlog_validateData();"><i class="glyphicon glyphicon-ok"></i> ' . $Translation['Save Changes'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
}
if ($arrPerm[4] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[4] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[4] == 3) {
// allow delete?
$templateCode = str_replace('<%%DELETE_BUTTON%%>', '<button type="submit" class="btn btn-danger" id="delete" name="delete_x" value="1" onclick="return confirm(\'' . $Translation['are you sure?'] . '\');"><i class="glyphicon glyphicon-trash"></i> ' . $Translation['Delete'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
}
$templateCode = str_replace('<%%DESELECT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
$templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
$templateCode = str_replace('<%%DESELECT_BUTTON%%>', $ShowCancel ? '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>' : '', $templateCode);
}
// set records to read only if user can't insert new records and can't edit current record
if ($selected_id && !$AllowUpdate || !$selected_id && !$AllowInsert) {
$jsReadOnly .= "\tjQuery('#cstatus').prop('disabled', true);\n";
$jsReadOnly .= "\tjQuery('#logtime').replaceWith('<div class=\"form-control-static\" id=\"logtime\">' + (jQuery('#logtime').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#ipaddr').replaceWith('<div class=\"form-control-static\" id=\"ipaddr\">' + (jQuery('#ipaddr').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#company').replaceWith('<div class=\"form-control-static\" id=\"company\">' + (jQuery('#company').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#country').replaceWith('<div class=\"form-control-static\" id=\"country\">' + (jQuery('#country').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#website').replaceWith('<div class=\"form-control-static\" id=\"website\">' + (jQuery('#website').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#website, #website-edit-link').hide();\n";
$jsReadOnly .= "\tjQuery('#contactname').replaceWith('<div class=\"form-control-static\" id=\"contactname\">' + (jQuery('#contactname').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#email').replaceWith('<div class=\"form-control-static\" id=\"email\">' + (jQuery('#email').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#title').replaceWith('<div class=\"form-control-static\" id=\"title\">' + (jQuery('#title').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#version').replaceWith('<div class=\"form-control-static\" id=\"version\">' + (jQuery('#version').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#pdate').prop('readonly', true);\n";
$jsReadOnly .= "\tjQuery('#pdateDay, #pdateMonth, #pdateYear').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n";
$jsReadOnly .= "\tjQuery('#cost').replaceWith('<div class=\"form-control-static\" id=\"cost\">' + (jQuery('#cost').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#ptype').replaceWith('<div class=\"form-control-static\" id=\"ptype\">' + (jQuery('#ptype').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#install').replaceWith('<div class=\"form-control-static\" id=\"install\">' + (jQuery('#install').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#os').replaceWith('<div class=\"form-control-static\" id=\"os\">' + (jQuery('#os').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#languages').replaceWith('<div class=\"form-control-static\" id=\"languages\">' + (jQuery('#languages').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#changeinfo').replaceWith('<div class=\"form-control-static\" id=\"changeinfo\">' + (jQuery('#changeinfo').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#category').replaceWith('<div class=\"form-control-static\" id=\"category\">' + (jQuery('#category').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#requirements').replaceWith('<div class=\"form-control-static\" id=\"requirements\">' + (jQuery('#requirements').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#ksize').replaceWith('<div class=\"form-control-static\" id=\"ksize\">' + (jQuery('#ksize').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#keywords').replaceWith('<div class=\"form-control-static\" id=\"keywords\">' + (jQuery('#keywords').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#description').replaceWith('<div class=\"form-control-static\" id=\"description\">' + (jQuery('#description').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#descrlarge').replaceWith('<div class=\"form-control-static\" id=\"descrlarge\">' + (jQuery('#descrlarge').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#homepage').replaceWith('<div class=\"form-control-static\" id=\"homepage\">' + (jQuery('#homepage').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#screenshot').replaceWith('<div class=\"form-control-static\" id=\"screenshot\">' + (jQuery('#screenshot').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#screenshot, #screenshot-edit-link').hide();\n";
$jsReadOnly .= "\tjQuery('#icon').replaceWith('<div class=\"form-control-static\" id=\"icon\">' + (jQuery('#icon').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#padfile').replaceWith('<div class=\"form-control-static\" id=\"padfile\">' + (jQuery('#padfile').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#download').replaceWith('<div class=\"form-control-static\" id=\"download\">' + (jQuery('#download').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#aspnumber').replaceWith('<div class=\"form-control-static\" id=\"aspnumber\">' + (jQuery('#aspnumber').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#backlink').replaceWith('<div class=\"form-control-static\" id=\"backlink\">' + (jQuery('#backlink').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#backlink, #backlink-edit-link').hide();\n";
$jsReadOnly .= "\tjQuery('#affiliate').replaceWith('<div class=\"form-control-static\" id=\"affiliate\">' + (jQuery('#affiliate').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#affiliateid').replaceWith('<div class=\"form-control-static\" id=\"affiliateid\">' + (jQuery('#affiliateid').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('.select2-container').hide();\n";
$noUploads = true;
} elseif ($AllowInsert && !$selected_id || $AllowUpdate && $selected_id) {
$jsEditable .= "\tjQuery('form').eq(0).data('already_changed', true);";
// temporarily disable form change handler
$jsEditable .= "\tjQuery('form').eq(0).data('already_changed', false);";
// re-enable form change handler
}
// process combos
$templateCode = str_replace('<%%COMBO(pdate)%%>', $selected_id && !$arrPerm[3] ? '<div class="form-control-static">' . $combo_pdate->GetHTML(true) . '</div>' : $combo_pdate->GetHTML(), $templateCode);
$templateCode = str_replace('<%%COMBOTEXT(pdate)%%>', $combo_pdate->GetHTML(true), $templateCode);
/* lookup fields array: 'lookup field name' => array('parent table name', 'lookup field caption') */
$lookup_fields = array();
foreach ($lookup_fields as $luf => $ptfc) {
$pt_perm = getTablePermissions($ptfc[0]);
// process foreign key links
if ($pt_perm['view'] || $pt_perm['edit']) {
$templateCode = str_replace("<%%PLINK({$luf})%%>", '<button type="button" class="btn btn-default view_parent hspacer-lg" id="' . $ptfc[0] . '_view_parent" title="' . htmlspecialchars($Translation['View'] . ' ' . $ptfc[1], ENT_QUOTES, 'iso-8859-1') . '"><i class="glyphicon glyphicon-eye-open"></i></button>', $templateCode);
}
// if user has insert permission to parent table of a lookup field, put an add new button
if ($pt_perm['insert'] && !$_REQUEST['Embedded']) {
$templateCode = str_replace("<%%ADDNEW({$ptfc[0]})%%>", '<button type="button" class="btn btn-success add_new_parent" id="' . $ptfc[0] . '_add_new" title="' . htmlspecialchars($Translation['Add New'] . ' ' . $ptfc[1], ENT_QUOTES, 'iso-8859-1') . '"><i class="glyphicon glyphicon-plus-sign"></i></button>', $templateCode);
}
}
// process images
$templateCode = str_replace('<%%UPLOADFILE(submid)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(cstatus)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(logtime)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(ipaddr)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(company)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(country)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(website)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(contactname)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(email)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(title)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(version)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(pdate)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(cost)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(ptype)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(install)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(os)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(languages)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(changeinfo)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(category)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(requirements)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(ksize)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(keywords)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(description)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(descrlarge)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(homepage)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(screenshot)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(icon)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(padfile)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(download)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(aspnumber)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(backlink)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(affiliate)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(affiliateid)%%>', '', $templateCode);
// process values
if ($selected_id) {
$templateCode = str_replace('<%%VALUE(submid)%%>', htmlspecialchars($row['submid'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(submid)%%>', urlencode($urow['submid']), $templateCode);
$templateCode = str_replace('<%%CHECKED(cstatus)%%>', $row['cstatus'] ? "checked" : "", $templateCode);
$templateCode = str_replace('<%%VALUE(logtime)%%>', htmlspecialchars($row['logtime'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(logtime)%%>', urlencode($urow['logtime']), $templateCode);
$templateCode = str_replace('<%%VALUE(ipaddr)%%>', htmlspecialchars($row['ipaddr'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(ipaddr)%%>', urlencode($urow['ipaddr']), $templateCode);
$templateCode = str_replace('<%%VALUE(company)%%>', htmlspecialchars($row['company'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(company)%%>', urlencode($urow['company']), $templateCode);
$templateCode = str_replace('<%%VALUE(country)%%>', htmlspecialchars($row['country'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(country)%%>', urlencode($urow['country']), $templateCode);
$templateCode = str_replace('<%%VALUE(website)%%>', htmlspecialchars($row['website'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(website)%%>', urlencode($urow['website']), $templateCode);
$templateCode = str_replace('<%%VALUE(contactname)%%>', htmlspecialchars($row['contactname'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(contactname)%%>', urlencode($urow['contactname']), $templateCode);
$templateCode = str_replace('<%%VALUE(email)%%>', htmlspecialchars($row['email'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(email)%%>', urlencode($urow['email']), $templateCode);
$templateCode = str_replace('<%%VALUE(title)%%>', htmlspecialchars($row['title'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(title)%%>', urlencode($urow['title']), $templateCode);
$templateCode = str_replace('<%%VALUE(version)%%>', htmlspecialchars($row['version'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(version)%%>', urlencode($urow['version']), $templateCode);
$templateCode = str_replace('<%%VALUE(pdate)%%>', @date('m/d/Y', @strtotime(htmlspecialchars($row['pdate'], ENT_QUOTES, 'iso-8859-1'))), $templateCode);
$templateCode = str_replace('<%%URLVALUE(pdate)%%>', urlencode(@date('m/d/Y', @strtotime(htmlspecialchars($urow['pdate'], ENT_QUOTES, 'iso-8859-1')))), $templateCode);
$templateCode = str_replace('<%%VALUE(cost)%%>', htmlspecialchars($row['cost'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(cost)%%>', urlencode($urow['cost']), $templateCode);
$templateCode = str_replace('<%%VALUE(ptype)%%>', htmlspecialchars($row['ptype'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(ptype)%%>', urlencode($urow['ptype']), $templateCode);
$templateCode = str_replace('<%%VALUE(install)%%>', htmlspecialchars($row['install'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(install)%%>', urlencode($urow['install']), $templateCode);
$templateCode = str_replace('<%%VALUE(os)%%>', htmlspecialchars($row['os'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(os)%%>', urlencode($urow['os']), $templateCode);
$templateCode = str_replace('<%%VALUE(languages)%%>', htmlspecialchars($row['languages'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(languages)%%>', urlencode($urow['languages']), $templateCode);
$templateCode = str_replace('<%%VALUE(changeinfo)%%>', htmlspecialchars($row['changeinfo'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(changeinfo)%%>', urlencode($urow['changeinfo']), $templateCode);
$templateCode = str_replace('<%%VALUE(category)%%>', htmlspecialchars($row['category'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(category)%%>', urlencode($urow['category']), $templateCode);
$templateCode = str_replace('<%%VALUE(requirements)%%>', htmlspecialchars($row['requirements'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(requirements)%%>', urlencode($urow['requirements']), $templateCode);
$templateCode = str_replace('<%%VALUE(ksize)%%>', htmlspecialchars($row['ksize'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(ksize)%%>', urlencode($urow['ksize']), $templateCode);
$templateCode = str_replace('<%%VALUE(keywords)%%>', htmlspecialchars($row['keywords'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(keywords)%%>', urlencode($urow['keywords']), $templateCode);
$templateCode = str_replace('<%%VALUE(description)%%>', htmlspecialchars($row['description'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(description)%%>', urlencode($urow['description']), $templateCode);
$templateCode = str_replace('<%%VALUE(descrlarge)%%>', htmlspecialchars($row['descrlarge'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(descrlarge)%%>', urlencode($urow['descrlarge']), $templateCode);
$templateCode = str_replace('<%%VALUE(homepage)%%>', htmlspecialchars($row['homepage'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(homepage)%%>', urlencode($urow['homepage']), $templateCode);
$templateCode = str_replace('<%%VALUE(screenshot)%%>', htmlspecialchars($row['screenshot'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(screenshot)%%>', urlencode($urow['screenshot']), $templateCode);
$templateCode = str_replace('<%%VALUE(icon)%%>', htmlspecialchars($row['icon'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(icon)%%>', urlencode($urow['icon']), $templateCode);
$templateCode = str_replace('<%%VALUE(padfile)%%>', htmlspecialchars($row['padfile'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(padfile)%%>', urlencode($urow['padfile']), $templateCode);
$templateCode = str_replace('<%%VALUE(download)%%>', htmlspecialchars($row['download'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(download)%%>', urlencode($urow['download']), $templateCode);
$templateCode = str_replace('<%%VALUE(aspnumber)%%>', htmlspecialchars($row['aspnumber'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(aspnumber)%%>', urlencode($urow['aspnumber']), $templateCode);
$templateCode = str_replace('<%%VALUE(backlink)%%>', htmlspecialchars($row['backlink'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(backlink)%%>', urlencode($urow['backlink']), $templateCode);
$templateCode = str_replace('<%%VALUE(affiliate)%%>', htmlspecialchars($row['affiliate'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(affiliate)%%>', urlencode($urow['affiliate']), $templateCode);
$templateCode = str_replace('<%%VALUE(affiliateid)%%>', htmlspecialchars($row['affiliateid'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(affiliateid)%%>', urlencode($urow['affiliateid']), $templateCode);
} else {
$templateCode = str_replace('<%%VALUE(submid)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(submid)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%CHECKED(cstatus)%%>', '', $templateCode);
$templateCode = str_replace('<%%VALUE(logtime)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(logtime)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(ipaddr)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(ipaddr)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(company)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(company)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(country)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(country)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(website)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(website)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(contactname)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(contactname)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(email)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(email)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(title)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(title)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(version)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(version)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(pdate)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(pdate)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(cost)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(cost)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(ptype)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(ptype)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(install)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(install)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(os)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(os)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(languages)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(languages)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(changeinfo)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(changeinfo)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(category)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(category)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(requirements)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(requirements)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(ksize)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(ksize)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(keywords)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(keywords)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(description)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(description)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(descrlarge)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(descrlarge)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(homepage)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(homepage)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(screenshot)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(screenshot)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(icon)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(icon)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(padfile)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(padfile)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(download)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(download)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(aspnumber)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(aspnumber)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(backlink)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(backlink)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(affiliate)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(affiliate)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(affiliateid)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(affiliateid)%%>', urlencode(''), $templateCode);
}
// process translations
foreach ($Translation as $symbol => $trans) {
$templateCode = str_replace("<%%TRANSLATION({$symbol})%%>", $trans, $templateCode);
}
// clear scrap
$templateCode = str_replace('<%%', '<!-- ', $templateCode);
$templateCode = str_replace('%%>', ' -->', $templateCode);
// hide links to inaccessible tables
if ($_REQUEST['dvprint_x'] == '') {
$templateCode .= "\n\n<script>\$j(function(){\n";
$arrTables = getTableList();
foreach ($arrTables as $name => $caption) {
$templateCode .= "\t\$j('#{$name}_link').removeClass('hidden');\n";
$templateCode .= "\t\$j('#xs_{$name}_link').removeClass('hidden');\n";
}
$templateCode .= $jsReadOnly;
$templateCode .= $jsEditable;
if (!$selected_id) {
$templateCode .= "\n\tif(document.getElementById('websiteEdit')){ document.getElementById('websiteEdit').style.display='inline'; }";
$templateCode .= "\n\tif(document.getElementById('websiteEditLink')){ document.getElementById('websiteEditLink').style.display='none'; }";
$templateCode .= "\n\tif(document.getElementById('screenshotEdit')){ document.getElementById('screenshotEdit').style.display='inline'; }";
$templateCode .= "\n\tif(document.getElementById('screenshotEditLink')){ document.getElementById('screenshotEditLink').style.display='none'; }";
$templateCode .= "\n\tif(document.getElementById('backlinkEdit')){ document.getElementById('backlinkEdit').style.display='inline'; }";
$templateCode .= "\n\tif(document.getElementById('backlinkEditLink')){ document.getElementById('backlinkEditLink').style.display='none'; }";
}
$templateCode .= "\n});</script>\n";
}
// ajaxed auto-fill fields
$templateCode .= '<script>';
$templateCode .= '$j(function() {';
$templateCode .= "});";
$templateCode .= "</script>";
$templateCode .= $lookups;
// handle enforced parent values for read-only lookup fields
// don't include blank images in lightbox gallery
$templateCode = preg_replace('/blank.gif" data-lightbox=".*?"/', 'blank.gif"', $templateCode);
// don't display empty email links
$templateCode = preg_replace('/<a .*?href="mailto:".*?<\\/a>/', '', $templateCode);
// hook: submitlog_dv
if (function_exists('submitlog_dv')) {
$args = array();
submitlog_dv($selected_id ? $selected_id : FALSE, getMemberInfo(), $templateCode, $args);
}
return $templateCode;
}
<?php
// This script and data application were generated by AppGini 5.50
// Download AppGini for free from http://bigprof.com/appgini/download/
$currDir = dirname(__FILE__);
include "{$currDir}/defaultLang.php";
include "{$currDir}/language.php";
include "{$currDir}/lib.php";
@(include "{$currDir}/hooks/customurls.php");
include "{$currDir}/customurls_dml.php";
// mm: can the current member access this page?
$perm = getTablePermissions('customurls');
if (!$perm[0]) {
echo error_message($Translation['tableAccessDenied'], false);
echo '<script>setTimeout("window.location=\'index.php?signOut=1\'", 2000);</script>';
exit;
}
$x = new DataList();
$x->TableName = "customurls";
// Fields that can be displayed in the table view
$x->QueryFieldsTV = array("`customurls`.`customid`" => "customid", "`customurls`.`progid`" => "progid", "`customurls`.`customurl`" => "customurl");
// mapping incoming sort by requests to actual query fields
$x->SortFields = array(1 => '`customurls`.`customid`', 2 => '`customurls`.`progid`', 3 => 3);
// Fields that can be displayed in the csv file
$x->QueryFieldsCSV = array("`customurls`.`customid`" => "customid", "`customurls`.`progid`" => "progid", "`customurls`.`customurl`" => "customurl");
// Fields that can be filtered
$x->QueryFieldsFilters = array("`customurls`.`customid`" => "customid", "`customurls`.`progid`" => "progid", "`customurls`.`customurl`" => "customurl");
// Fields that can be quick searched
$x->QueryFieldsQS = array("`customurls`.`customid`" => "customid", "`customurls`.`progid`" => "progid", "`customurls`.`customurl`" => "customurl");
// Lookup fields that can be used as filterers
$x->filterers = array();
<?php
// This script and data application were generated by AppGini 5.42
// Download AppGini for free from http://bigprof.com/appgini/download/
$currDir = dirname(__FILE__);
include "{$currDir}/defaultLang.php";
include "{$currDir}/language.php";
include "{$currDir}/lib.php";
@(include "{$currDir}/hooks/products.php");
include "{$currDir}/products_dml.php";
// mm: can the current member access this page?
$perm = getTablePermissions('products');
if (!$perm[0]) {
echo error_message($Translation['tableAccessDenied'], false);
echo '<script>setTimeout("window.location=\'index.php?signOut=1\'", 2000);</script>';
exit;
}
$x = new DataList();
$x->TableName = "products";
// Fields that can be displayed in the table view
$x->QueryFieldsTV = array("`products`.`ProductID`" => "ProductID", "`products`.`ProductName`" => "ProductName", "IF( CHAR_LENGTH(`suppliers1`.`CompanyName`), CONCAT_WS('', `suppliers1`.`CompanyName`), '') /* Supplier */" => "SupplierID", "IF( CHAR_LENGTH(`categories1`.`CategoryName`), CONCAT_WS('', `categories1`.`CategoryName`), '') /* Category */" => "CategoryID", "`products`.`QuantityPerUnit`" => "QuantityPerUnit", "CONCAT('\$', FORMAT(`products`.`UnitPrice`, 2))" => "UnitPrice", "`products`.`UnitsInStock`" => "UnitsInStock", "`products`.`UnitsOnOrder`" => "UnitsOnOrder", "`products`.`ReorderLevel`" => "ReorderLevel", "concat('<img src=\"', if(`products`.`Discontinued`, 'checked.gif', 'checkednot.gif'), '\" border=\"0\" />')" => "Discontinued");
// mapping incoming sort by requests to actual query fields
$x->SortFields = array(1 => '`products`.`ProductID`', 2 => 2, 3 => 3, 4 => 4, 5 => 5, 6 => '`products`.`UnitPrice`', 7 => '`products`.`UnitsInStock`', 8 => '`products`.`UnitsOnOrder`', 9 => '`products`.`ReorderLevel`', 10 => '`products`.`Discontinued`');
// Fields that can be displayed in the csv file
$x->QueryFieldsCSV = array("`products`.`ProductID`" => "ProductID", "`products`.`ProductName`" => "ProductName", "IF( CHAR_LENGTH(`suppliers1`.`CompanyName`), CONCAT_WS('', `suppliers1`.`CompanyName`), '') /* Supplier */" => "SupplierID", "IF( CHAR_LENGTH(`categories1`.`CategoryName`), CONCAT_WS('', `categories1`.`CategoryName`), '') /* Category */" => "CategoryID", "`products`.`QuantityPerUnit`" => "QuantityPerUnit", "CONCAT('\$', FORMAT(`products`.`UnitPrice`, 2))" => "UnitPrice", "`products`.`UnitsInStock`" => "UnitsInStock", "`products`.`UnitsOnOrder`" => "UnitsOnOrder", "`products`.`ReorderLevel`" => "ReorderLevel", "`products`.`Discontinued`" => "Discontinued");
// Fields that can be filtered
$x->QueryFieldsFilters = array("`products`.`ProductID`" => "Product ID", "`products`.`ProductName`" => "Product Name", "IF( CHAR_LENGTH(`suppliers1`.`CompanyName`), CONCAT_WS('', `suppliers1`.`CompanyName`), '') /* Supplier */" => "Supplier", "IF( CHAR_LENGTH(`categories1`.`CategoryName`), CONCAT_WS('', `categories1`.`CategoryName`), '') /* Category */" => "Category", "`products`.`QuantityPerUnit`" => "Quantity Per Unit", "`products`.`UnitPrice`" => "Unit Price", "`products`.`UnitsInStock`" => "Units In Stock", "`products`.`UnitsOnOrder`" => "Units On Order", "`products`.`ReorderLevel`" => "Reorder Level", "`products`.`Discontinued`" => "Discontinued");
// Fields that can be quick searched
$x->QueryFieldsQS = array("`products`.`ProductID`" => "ProductID", "`products`.`ProductName`" => "ProductName", "IF( CHAR_LENGTH(`suppliers1`.`CompanyName`), CONCAT_WS('', `suppliers1`.`CompanyName`), '') /* Supplier */" => "SupplierID", "IF( CHAR_LENGTH(`categories1`.`CategoryName`), CONCAT_WS('', `categories1`.`CategoryName`), '') /* Category */" => "CategoryID", "`products`.`QuantityPerUnit`" => "QuantityPerUnit", "CONCAT('\$', FORMAT(`products`.`UnitPrice`, 2))" => "UnitPrice", "`products`.`UnitsInStock`" => "UnitsInStock", "`products`.`UnitsOnOrder`" => "UnitsOnOrder", "`products`.`ReorderLevel`" => "ReorderLevel", "concat('<img src=\"', if(`products`.`Discontinued`, 'checked.gif', 'checkednot.gif'), '\" border=\"0\" />')" => "Discontinued");
// Lookup fields that can be used as filterers
$x->filterers = array('SupplierID' => 'Supplier', 'CategoryID' => 'Category');
}
</style>
<div class="row" id="table_links">
<?php
/* accessible tables */
if (is_array($arrTables) && count($arrTables)) {
$i = 0;
foreach ($arrTables as $tn => $tc) {
$tChkFF = array_search($tn, array());
$tChkHL = array_search($tn, array('order_details'));
if ($tChkHL !== false && $tChkHL !== null) {
continue;
}
$t_perm = getTablePermissions($tn);
$can_insert = $t_perm['insert'];
$searchFirst = $tChkFF !== false && $tChkFF !== null ? '?Filter_x=1' : '';
?>
<div id="<?php
echo $tn;
?>
-tile" class="col-xs-12 <?php
echo !$i ? $block_classes['first']['grid_column'] : $block_classes['other']['grid_column'];
?>
">
<div class="panel <?php
echo !$i ? $block_classes['first']['panel'] : $block_classes['other']['panel'];
?>
">
<div class="panel-body">
<?php
// This script and data application were generated by AppGini 5.23
// Download AppGini for free from http://bigprof.com/appgini/download/
$currDir = dirname(__FILE__);
include "{$currDir}/defaultLang.php";
include "{$currDir}/language.php";
include "{$currDir}/lib.php";
@(include "{$currDir}/hooks/beneficiary_groups.php");
include "{$currDir}/beneficiary_groups_dml.php";
// mm: can the current member access this page?
$perm = getTablePermissions('beneficiary_groups');
if (!$perm[0]) {
echo error_message($Translation['tableAccessDenied'], false);
echo '<script>setTimeout("window.location=\'index.php?signOut=1\'", 2000);</script>';
exit;
}
$x = new DataList();
$x->TableName = "beneficiary_groups";
// Fields that can be displayed in the table view
$x->QueryFieldsTV = array("`beneficiary_groups`.`beneficiary_group_id`" => "beneficiary_group_id", "`beneficiary_groups`.`name`" => "name", "`beneficiary_groups`.`description`" => "description");
// mapping incoming sort by requests to actual query fields
$x->SortFields = array(1 => '`beneficiary_groups`.`beneficiary_group_id`', 2 => 2, 3 => 3);
// Fields that can be displayed in the csv file
$x->QueryFieldsCSV = array("`beneficiary_groups`.`beneficiary_group_id`" => "beneficiary_group_id", "`beneficiary_groups`.`name`" => "name", "`beneficiary_groups`.`description`" => "description");
// Fields that can be filtered
$x->QueryFieldsFilters = array("`beneficiary_groups`.`beneficiary_group_id`" => "ID", "`beneficiary_groups`.`name`" => "Name", "`beneficiary_groups`.`description`" => "Description");
// Fields that can be quick searched
$x->QueryFieldsQS = array("`beneficiary_groups`.`beneficiary_group_id`" => "beneficiary_group_id", "`beneficiary_groups`.`name`" => "name", "`beneficiary_groups`.`description`" => "description");
// Lookup fields that can be used as filterers
$x->filterers = array();
function outcomes_form($selected_id = '', $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0)
{
// function to return an editable form for a table records
// and fill it with data of record whose ID is $selected_id. If $selected_id
// is empty, an empty form is shown, with only an 'Add New'
// button displayed.
global $Translation;
// mm: get table permissions
$arrPerm = getTablePermissions('outcomes');
if (!$arrPerm[1] && $selected_id == '') {
return '';
}
// print preview?
$dvprint = false;
if ($selected_id && $_REQUEST['dvprint_x'] != '') {
$dvprint = true;
}
$filterer_outcome_area = thisOr(undo_magic_quotes($_REQUEST['filterer_outcome_area']), '');
// populate filterers, starting from children to grand-parents
// unique random identifier
$rnd1 = $dvprint ? rand(1000000, 9999999) : '';
// combobox: outcome_area
$combo_outcome_area = new DataCombo();
// combobox: strata
$combo_strata = new Combo();
$combo_strata->ListType = 0;
$combo_strata->MultipleSeparator = ', ';
$combo_strata->ListBoxHeight = 10;
$combo_strata->RadiosPerLine = 1;
if (is_file(dirname(__FILE__) . '/hooks/outcomes.strata.csv')) {
$strata_data = addslashes(implode('', @file(dirname(__FILE__) . '/hooks/outcomes.strata.csv')));
$combo_strata->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($strata_data)));
$combo_strata->ListData = $combo_strata->ListItem;
} else {
$combo_strata->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions("Individuals;;Community, Sector & Society")));
$combo_strata->ListData = $combo_strata->ListItem;
}
$combo_strata->SelectName = 'strata';
if ($selected_id) {
// mm: check member permissions
if (!$arrPerm[2]) {
return "";
}
// mm: who is the owner?
$ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='outcomes' and pkValue='" . makeSafe($selected_id) . "'");
$ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='outcomes' and pkValue='" . makeSafe($selected_id) . "'");
if ($arrPerm[2] == 1 && getLoggedMemberID() != $ownerMemberID) {
return "";
}
if ($arrPerm[2] == 2 && getLoggedGroupID() != $ownerGroupID) {
return "";
}
// can edit?
if ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[3] == 3) {
$AllowUpdate = 1;
} else {
$AllowUpdate = 0;
}
$res = sql("select * from `outcomes` where `outcome_id`='" . makeSafe($selected_id) . "'", $eo);
$row = mysql_fetch_array($res);
$urow = $row;
/* unsanitized data */
$hc = new CI_Input();
$row = $hc->xss_clean($row);
/* sanitize data */
$combo_outcome_area->SelectedData = $row['outcome_area'];
$combo_strata->SelectedData = $row['strata'];
} else {
$combo_outcome_area->SelectedData = $filterer_outcome_area;
$combo_strata->SelectedText = $_REQUEST['FilterField'][1] == '4' && $_REQUEST['FilterOperator'][1] == '<=>' ? get_magic_quotes_gpc() ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1] : "";
}
$combo_outcome_area->HTML = $combo_outcome_area->MatchText = '<span id="outcome_area-container' . $rnd1 . '"></span><input type="hidden" name="outcome_area" id="outcome_area' . $rnd1 . '">';
$combo_strata->Render();
ob_start();
?>
<script>
// initial lookup values
var current_outcome_area__RAND__ = { text: "", value: "<?php
echo addslashes($selected_id ? $urow['outcome_area'] : $filterer_outcome_area);
?>
"};
jQuery(function() {
outcome_area_reload__RAND__();
});
function outcome_area_reload__RAND__(){
<?php
if (($AllowUpdate || $AllowInsert) && !$dvprint) {
?>
jQuery("#outcome_area-container__RAND__").select2({
/* initial default value */
initSelection: function(e, c){
jQuery.ajax({
url: 'ajax_combo.php',
dataType: 'json',
data: { id: current_outcome_area__RAND__.value, t: 'outcomes', f: 'outcome_area' }
}).done(function(resp){
c({
id: resp.results[0].id,
text: resp.results[0].text
});
jQuery('[name="outcome_area"]').val(resp.results[0].id);
if(typeof(outcome_area_update_autofills__RAND__) == 'function') outcome_area_update_autofills__RAND__();
});
},
width: '100%',
formatNoMatches: function(term){ return '<?php
echo addslashes($Translation['No matches found!']);
?>
'; },
minimumResultsForSearch: 10,
loadMorePadding: 200,
ajax: {
url: 'ajax_combo.php',
dataType: 'json',
cache: true,
data: function(term, page){ return { s: term, p: page, t: 'outcomes', f: 'outcome_area' }; },
results: function(resp, page){ return resp; }
}
}).on('change', function(e){
current_outcome_area__RAND__.value = e.added.id;
current_outcome_area__RAND__.text = e.added.text;
jQuery('[name="outcome_area"]').val(e.added.id);
if(typeof(outcome_area_update_autofills__RAND__) == 'function') outcome_area_update_autofills__RAND__();
});
<?php
} else {
?>
jQuery.ajax({
url: 'ajax_combo.php',
dataType: 'json',
data: { id: current_outcome_area__RAND__.value, t: 'outcomes', f: 'outcome_area' }
}).done(function(resp){
jQuery('#outcome_area-container__RAND__').html('<span id="outcome_area-match-text">' + resp.results[0].text + '</span>');
if(typeof(outcome_area_update_autofills__RAND__) == 'function') outcome_area_update_autofills__RAND__();
});
<?php
}
?>
}
</script>
<?php
$lookups = str_replace('__RAND__', $rnd1, ob_get_contents());
ob_end_clean();
// code for template based detail view forms
// open the detail view template
if ($dvprint) {
$templateCode = @file_get_contents('./templates/outcomes_templateDVP.html');
} else {
$templateCode = @file_get_contents('./templates/outcomes_templateDV.html');
}
// process form title
$templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Outcome details', $templateCode);
$templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode);
// process buttons
if ($arrPerm[1]) {
// allow insert?
if (!$selected_id) {
$templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button tabindex="2" type="submit" class="btn btn-success" id="insert" name="insert_x" value="1" onclick="return outcomes_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save New'] . '</button>', $templateCode);
}
$templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button tabindex="2" type="submit" class="btn btn-default" id="insert" name="insert_x" value="1" onclick="return outcomes_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save As Copy'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode);
}
// 'Back' button action
if ($_REQUEST['Embedded']) {
$backAction = 'window.parent.jQuery(\'.modal\').modal(\'hide\'); return false;';
} else {
$backAction = '$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;';
}
if ($selected_id) {
if (!$_REQUEST['Embedded']) {
$templateCode = str_replace('<%%DVPRINT_BUTTON%%>', '<button tabindex="2" type="submit" class="btn btn-default" id="dvprint" name="dvprint_x" value="1" onclick="$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . '</button>', $templateCode);
}
if ($AllowUpdate) {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<button tabindex="2" type="submit" class="btn btn-success btn-lg" id="update" name="update_x" value="1" onclick="return outcomes_validateData();"><i class="glyphicon glyphicon-ok"></i> ' . $Translation['Save Changes'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
}
if ($arrPerm[4] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[4] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[4] == 3) {
// allow delete?
$templateCode = str_replace('<%%DELETE_BUTTON%%>', '<button tabindex="2" type="submit" class="btn btn-danger" id="delete" name="delete_x" value="1" onclick="return confirm(\'' . $Translation['are you sure?'] . '\');"><i class="glyphicon glyphicon-trash"></i> ' . $Translation['Delete'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
}
$templateCode = str_replace('<%%DESELECT_BUTTON%%>', '<button tabindex="2" type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
$templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
$templateCode = str_replace('<%%DESELECT_BUTTON%%>', $ShowCancel ? '<button tabindex="2" type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>' : '', $templateCode);
}
// set records to read only if user can't insert new records and can't edit current record
if ($selected_id && !$AllowUpdate && !$arrPerm[1] || !$selected_id && !$arrPerm[1]) {
$jsReadOnly .= "\tjQuery('#outcome_area').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n";
$jsReadOnly .= "\tjQuery('#outcome_area_caption').prop('disabled', true).css({ color: '#555', backgroundColor: 'white' });\n";
$jsReadOnly .= "\tjQuery('#description').replaceWith('<p class=\"form-control-static\" id=\"description\">' + (jQuery('#description').val() || '') + '</p>');\n";
$jsReadOnly .= "\tjQuery('#strata').replaceWith('<p class=\"form-control-static\" id=\"strata\">' + (jQuery('#strata').val() || '') + '</p>'); jQuery('#strata-multi-selection-help').hide();\n";
$noUploads = true;
}
// process combos
$templateCode = str_replace('<%%COMBO(outcome_area)%%>', $combo_outcome_area->HTML, $templateCode);
$templateCode = str_replace('<%%COMBOTEXT(outcome_area)%%>', $combo_outcome_area->MatchText, $templateCode);
$templateCode = str_replace('<%%URLCOMBOTEXT(outcome_area)%%>', urlencode($combo_outcome_area->MatchText), $templateCode);
$templateCode = str_replace('<%%COMBO(strata)%%>', $combo_strata->HTML, $templateCode);
$templateCode = str_replace('<%%COMBOTEXT(strata)%%>', $combo_strata->SelectedData, $templateCode);
// process foreign key links
if ($selected_id) {
$templateCode = str_replace('<%%PLINK(outcome_area)%%>', $combo_outcome_area->SelectedData ? "<span id=\"outcome_areas_plink1\" class=\"hidden\"><a class=\"btn btn-default\" href=\"outcome_areas_view.php?SelectedID=" . urlencode($combo_outcome_area->SelectedData) . "\"><i class=\"glyphicon glyphicon-search\"></i></a></span>" : '', $templateCode);
}
// process images
$templateCode = str_replace('<%%UPLOADFILE(outcome_id)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(outcome_area)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(description)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(strata)%%>', '', $templateCode);
// process values
if ($selected_id) {
$templateCode = str_replace('<%%VALUE(outcome_id)%%>', htmlspecialchars($row['outcome_id'], ENT_QUOTES), $templateCode);
$templateCode = str_replace('<%%URLVALUE(outcome_id)%%>', urlencode($urow['outcome_id']), $templateCode);
$templateCode = str_replace('<%%VALUE(outcome_area)%%>', htmlspecialchars($row['outcome_area'], ENT_QUOTES), $templateCode);
$templateCode = str_replace('<%%URLVALUE(outcome_area)%%>', urlencode($urow['outcome_area']), $templateCode);
if ($dvprint) {
$templateCode = str_replace('<%%VALUE(description)%%>', nl2br(htmlspecialchars($row['description'], ENT_QUOTES)), $templateCode);
} else {
$templateCode = str_replace('<%%VALUE(description)%%>', htmlspecialchars($row['description'], ENT_QUOTES), $templateCode);
}
$templateCode = str_replace('<%%URLVALUE(description)%%>', urlencode($urow['description']), $templateCode);
$templateCode = str_replace('<%%VALUE(strata)%%>', htmlspecialchars($row['strata'], ENT_QUOTES), $templateCode);
$templateCode = str_replace('<%%URLVALUE(strata)%%>', urlencode($urow['strata']), $templateCode);
} else {
$templateCode = str_replace('<%%VALUE(outcome_id)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(outcome_id)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(outcome_area)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(outcome_area)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(description)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(description)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(strata)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(strata)%%>', urlencode(''), $templateCode);
}
// process translations
foreach ($Translation as $symbol => $trans) {
$templateCode = str_replace("<%%TRANSLATION({$symbol})%%>", $trans, $templateCode);
}
// clear scrap
$templateCode = str_replace('<%%', '<!-- ', $templateCode);
$templateCode = str_replace('%%>', ' -->', $templateCode);
// hide links to inaccessible tables
if ($_POST['dvprint_x'] == '') {
$templateCode .= "\n\n<script>jQuery(function(){\n";
$arrTables = getTableList();
foreach ($arrTables as $name => $caption) {
$templateCode .= "\tjQuery('#{$name}_link').removeClass('hidden');\n";
$templateCode .= "\tjQuery('#xs_{$name}_link').removeClass('hidden');\n";
$templateCode .= "\tjQuery('[id^=\"{$name}_plink\"]').removeClass('hidden');\n";
}
$templateCode .= $jsReadOnly;
if (!$selected_id) {
}
$templateCode .= "\n});</script>\n";
}
// ajaxed auto-fill fields
$templateCode .= "<script>";
$templateCode .= "document.observe('dom:loaded', function() {";
$templateCode .= "});";
$templateCode .= "</script>";
$templateCode .= $lookups;
// handle enforced parent values for read-only lookup fields
// don't include blank images in lightbox gallery
$templateCode = preg_replace('/blank.gif" rel="lightbox\\[.*?\\]"/', 'blank.gif"', $templateCode);
// don't display empty email links
$templateCode = preg_replace('/<a .*?href="mailto:".*?<\\/a>/', '', $templateCode);
// hook: outcomes_dv
if (function_exists('outcomes_dv')) {
$args = array();
outcomes_dv($selected_id ? $selected_id : FALSE, getMemberInfo(), $templateCode, $args);
}
return $templateCode;
}
<?php
// This script and data application were generated by AppGini 5.50
// Download AppGini for free from http://bigprof.com/appgini/download/
$currDir = dirname(__FILE__);
include "{$currDir}/defaultLang.php";
include "{$currDir}/language.php";
include "{$currDir}/lib.php";
@(include "{$currDir}/hooks/submitlog.php");
include "{$currDir}/submitlog_dml.php";
// mm: can the current member access this page?
$perm = getTablePermissions('submitlog');
if (!$perm[0]) {
echo error_message($Translation['tableAccessDenied'], false);
echo '<script>setTimeout("window.location=\'index.php?signOut=1\'", 2000);</script>';
exit;
}
$x = new DataList();
$x->TableName = "submitlog";
// Fields that can be displayed in the table view
$x->QueryFieldsTV = array("`submitlog`.`submid`" => "submid", "concat('<img src=\"', if(`submitlog`.`cstatus`, 'checked.gif', 'checkednot.gif'), '\" border=\"0\" />')" => "cstatus", "DATE_FORMAT(`submitlog`.`logtime`, '%c/%e/%Y %l:%i%p')" => "logtime", "`submitlog`.`ipaddr`" => "ipaddr", "`submitlog`.`company`" => "company", "`submitlog`.`country`" => "country", "`submitlog`.`website`" => "website", "`submitlog`.`contactname`" => "contactname", "`submitlog`.`email`" => "email", "`submitlog`.`title`" => "title", "`submitlog`.`version`" => "version", "if(`submitlog`.`pdate`,date_format(`submitlog`.`pdate`,'%m/%d/%Y'),'')" => "pdate", "`submitlog`.`cost`" => "cost", "`submitlog`.`ptype`" => "ptype", "`submitlog`.`install`" => "install", "`submitlog`.`os`" => "os", "`submitlog`.`languages`" => "languages", "`submitlog`.`changeinfo`" => "changeinfo", "`submitlog`.`category`" => "category", "`submitlog`.`requirements`" => "requirements", "`submitlog`.`ksize`" => "ksize", "`submitlog`.`keywords`" => "keywords", "`submitlog`.`description`" => "description", "`submitlog`.`descrlarge`" => "descrlarge", "`submitlog`.`homepage`" => "homepage", "`submitlog`.`screenshot`" => "screenshot", "`submitlog`.`icon`" => "icon", "`submitlog`.`padfile`" => "padfile", "`submitlog`.`download`" => "download", "`submitlog`.`aspnumber`" => "aspnumber", "`submitlog`.`backlink`" => "backlink", "`submitlog`.`affiliate`" => "affiliate", "`submitlog`.`affiliateid`" => "affiliateid");
// mapping incoming sort by requests to actual query fields
$x->SortFields = array(1 => '`submitlog`.`submid`', 2 => '`submitlog`.`cstatus`', 3 => '`submitlog`.`logtime`', 4 => 4, 5 => 5, 6 => 6, 7 => 7, 8 => 8, 9 => 9, 10 => 10, 11 => 11, 12 => '`submitlog`.`pdate`', 13 => '`submitlog`.`cost`', 14 => 14, 15 => 15, 16 => 16, 17 => 17, 18 => 18, 19 => 19, 20 => 20, 21 => '`submitlog`.`ksize`', 22 => 22, 23 => 23, 24 => 24, 25 => 25, 26 => 26, 27 => 27, 28 => 28, 29 => 29, 30 => 30, 31 => 31, 32 => 32, 33 => 33);
// Fields that can be displayed in the csv file
$x->QueryFieldsCSV = array("`submitlog`.`submid`" => "submid", "`submitlog`.`cstatus`" => "cstatus", "DATE_FORMAT(`submitlog`.`logtime`, '%c/%e/%Y %l:%i%p')" => "logtime", "`submitlog`.`ipaddr`" => "ipaddr", "`submitlog`.`company`" => "company", "`submitlog`.`country`" => "country", "`submitlog`.`website`" => "website", "`submitlog`.`contactname`" => "contactname", "`submitlog`.`email`" => "email", "`submitlog`.`title`" => "title", "`submitlog`.`version`" => "version", "if(`submitlog`.`pdate`,date_format(`submitlog`.`pdate`,'%m/%d/%Y'),'')" => "pdate", "`submitlog`.`cost`" => "cost", "`submitlog`.`ptype`" => "ptype", "`submitlog`.`install`" => "install", "`submitlog`.`os`" => "os", "`submitlog`.`languages`" => "languages", "`submitlog`.`changeinfo`" => "changeinfo", "`submitlog`.`category`" => "category", "`submitlog`.`requirements`" => "requirements", "`submitlog`.`ksize`" => "ksize", "`submitlog`.`keywords`" => "keywords", "`submitlog`.`description`" => "description", "`submitlog`.`descrlarge`" => "descrlarge", "`submitlog`.`homepage`" => "homepage", "`submitlog`.`screenshot`" => "screenshot", "`submitlog`.`icon`" => "icon", "`submitlog`.`padfile`" => "padfile", "`submitlog`.`download`" => "download", "`submitlog`.`aspnumber`" => "aspnumber", "`submitlog`.`backlink`" => "backlink", "`submitlog`.`affiliate`" => "affiliate", "`submitlog`.`affiliateid`" => "affiliateid");
// Fields that can be filtered
$x->QueryFieldsFilters = array("`submitlog`.`submid`" => "No", "`submitlog`.`cstatus`" => "Status", "`submitlog`.`logtime`" => "Submission Date", "`submitlog`.`ipaddr`" => "IP", "`submitlog`.`company`" => "Company Name", "`submitlog`.`country`" => "Country", "`submitlog`.`website`" => "website", "`submitlog`.`contactname`" => "contactname", "`submitlog`.`email`" => "email", "`submitlog`.`title`" => "Title", "`submitlog`.`version`" => "Version", "`submitlog`.`pdate`" => "pdate", "`submitlog`.`cost`" => "cost", "`submitlog`.`ptype`" => "ptype", "`submitlog`.`install`" => "install", "`submitlog`.`os`" => "os", "`submitlog`.`languages`" => "languages", "`submitlog`.`changeinfo`" => "changeinfo", "`submitlog`.`category`" => "category", "`submitlog`.`requirements`" => "requirements", "`submitlog`.`ksize`" => "ksize", "`submitlog`.`keywords`" => "keywords", "`submitlog`.`description`" => "description", "`submitlog`.`descrlarge`" => "descrlarge", "`submitlog`.`homepage`" => "homepage", "`submitlog`.`icon`" => "icon", "`submitlog`.`padfile`" => "PAD file", "`submitlog`.`download`" => "Download", "`submitlog`.`aspnumber`" => "aspnumber", "`submitlog`.`backlink`" => "Backlink URL", "`submitlog`.`affiliate`" => "Affiliate", "`submitlog`.`affiliateid`" => "Affiliate Data");
// Fields that can be quick searched
$x->QueryFieldsQS = array("`submitlog`.`submid`" => "submid", "concat('<img src=\"', if(`submitlog`.`cstatus`, 'checked.gif', 'checkednot.gif'), '\" border=\"0\" />')" => "cstatus", "DATE_FORMAT(`submitlog`.`logtime`, '%c/%e/%Y %l:%i%p')" => "logtime", "`submitlog`.`ipaddr`" => "ipaddr", "`submitlog`.`company`" => "company", "`submitlog`.`country`" => "country", "`submitlog`.`website`" => "website", "`submitlog`.`contactname`" => "contactname", "`submitlog`.`email`" => "email", "`submitlog`.`title`" => "title", "`submitlog`.`version`" => "version", "if(`submitlog`.`pdate`,date_format(`submitlog`.`pdate`,'%m/%d/%Y'),'')" => "pdate", "`submitlog`.`cost`" => "cost", "`submitlog`.`ptype`" => "ptype", "`submitlog`.`install`" => "install", "`submitlog`.`os`" => "os", "`submitlog`.`languages`" => "languages", "`submitlog`.`changeinfo`" => "changeinfo", "`submitlog`.`category`" => "category", "`submitlog`.`requirements`" => "requirements", "`submitlog`.`ksize`" => "ksize", "`submitlog`.`keywords`" => "keywords", "`submitlog`.`description`" => "description", "`submitlog`.`descrlarge`" => "descrlarge", "`submitlog`.`homepage`" => "homepage", "`submitlog`.`icon`" => "icon", "`submitlog`.`padfile`" => "padfile", "`submitlog`.`download`" => "download", "`submitlog`.`aspnumber`" => "aspnumber", "`submitlog`.`backlink`" => "backlink", "`submitlog`.`affiliate`" => "affiliate", "`submitlog`.`affiliateid`" => "affiliateid");
// Lookup fields that can be used as filterers
$x->filterers = array();
function outcome_areas_form($selected_id = '', $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0)
{
// function to return an editable form for a table records
// and fill it with data of record whose ID is $selected_id. If $selected_id
// is empty, an empty form is shown, with only an 'Add New'
// button displayed.
global $Translation;
// mm: get table permissions
$arrPerm = getTablePermissions('outcome_areas');
if (!$arrPerm[1] && $selected_id == '') {
return '';
}
// print preview?
$dvprint = false;
if ($selected_id && $_REQUEST['dvprint_x'] != '') {
$dvprint = true;
}
// populate filterers, starting from children to grand-parents
// unique random identifier
$rnd1 = $dvprint ? rand(1000000, 9999999) : '';
if ($selected_id) {
// mm: check member permissions
if (!$arrPerm[2]) {
return "";
}
// mm: who is the owner?
$ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='outcome_areas' and pkValue='" . makeSafe($selected_id) . "'");
$ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='outcome_areas' and pkValue='" . makeSafe($selected_id) . "'");
if ($arrPerm[2] == 1 && getLoggedMemberID() != $ownerMemberID) {
return "";
}
if ($arrPerm[2] == 2 && getLoggedGroupID() != $ownerGroupID) {
return "";
}
// can edit?
if ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[3] == 3) {
$AllowUpdate = 1;
} else {
$AllowUpdate = 0;
}
$res = sql("select * from `outcome_areas` where `outcome_area_id`='" . makeSafe($selected_id) . "'", $eo);
$row = mysql_fetch_array($res);
$urow = $row;
/* unsanitized data */
$hc = new CI_Input();
$row = $hc->xss_clean($row);
/* sanitize data */
} else {
}
ob_start();
?>
<script>
// initial lookup values
jQuery(function() {
});
</script>
<?php
$lookups = str_replace('__RAND__', $rnd1, ob_get_contents());
ob_end_clean();
// code for template based detail view forms
// open the detail view template
if ($dvprint) {
$templateCode = @file_get_contents('./templates/outcome_areas_templateDVP.html');
} else {
$templateCode = @file_get_contents('./templates/outcome_areas_templateDV.html');
}
// process form title
$templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Outcome area details', $templateCode);
$templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode);
// process buttons
if ($arrPerm[1]) {
// allow insert?
if (!$selected_id) {
$templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button tabindex="2" type="submit" class="btn btn-success" id="insert" name="insert_x" value="1" onclick="return outcome_areas_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save New'] . '</button>', $templateCode);
}
$templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button tabindex="2" type="submit" class="btn btn-default" id="insert" name="insert_x" value="1" onclick="return outcome_areas_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save As Copy'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode);
}
// 'Back' button action
if ($_REQUEST['Embedded']) {
$backAction = 'window.parent.jQuery(\'.modal\').modal(\'hide\'); return false;';
} else {
$backAction = '$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;';
}
if ($selected_id) {
if (!$_REQUEST['Embedded']) {
$templateCode = str_replace('<%%DVPRINT_BUTTON%%>', '<button tabindex="2" type="submit" class="btn btn-default" id="dvprint" name="dvprint_x" value="1" onclick="$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . '</button>', $templateCode);
}
if ($AllowUpdate) {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<button tabindex="2" type="submit" class="btn btn-success btn-lg" id="update" name="update_x" value="1" onclick="return outcome_areas_validateData();"><i class="glyphicon glyphicon-ok"></i> ' . $Translation['Save Changes'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
}
if ($arrPerm[4] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[4] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[4] == 3) {
// allow delete?
$templateCode = str_replace('<%%DELETE_BUTTON%%>', '<button tabindex="2" type="submit" class="btn btn-danger" id="delete" name="delete_x" value="1" onclick="return confirm(\'' . $Translation['are you sure?'] . '\');"><i class="glyphicon glyphicon-trash"></i> ' . $Translation['Delete'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
}
$templateCode = str_replace('<%%DESELECT_BUTTON%%>', '<button tabindex="2" type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
$templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
$templateCode = str_replace('<%%DESELECT_BUTTON%%>', $ShowCancel ? '<button tabindex="2" type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>' : '', $templateCode);
}
// set records to read only if user can't insert new records and can't edit current record
if ($selected_id && !$AllowUpdate && !$arrPerm[1] || !$selected_id && !$arrPerm[1]) {
$jsReadOnly .= "\tjQuery('#name').replaceWith('<p class=\"form-control-static\" id=\"name\">' + (jQuery('#name').val() || '') + '</p>');\n";
$jsReadOnly .= "\tjQuery('#description').replaceWith('<p class=\"form-control-static\" id=\"description\">' + (jQuery('#description').val() || '') + '</p>');\n";
$noUploads = true;
}
// process combos
// process foreign key links
if ($selected_id) {
}
// process images
$templateCode = str_replace('<%%UPLOADFILE(outcome_area_id)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(name)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(description)%%>', '', $templateCode);
// process values
if ($selected_id) {
$templateCode = str_replace('<%%VALUE(outcome_area_id)%%>', htmlspecialchars($row['outcome_area_id'], ENT_QUOTES), $templateCode);
$templateCode = str_replace('<%%URLVALUE(outcome_area_id)%%>', urlencode($urow['outcome_area_id']), $templateCode);
$templateCode = str_replace('<%%VALUE(name)%%>', htmlspecialchars($row['name'], ENT_QUOTES), $templateCode);
$templateCode = str_replace('<%%URLVALUE(name)%%>', urlencode($urow['name']), $templateCode);
if ($dvprint) {
$templateCode = str_replace('<%%VALUE(description)%%>', nl2br(htmlspecialchars($row['description'], ENT_QUOTES)), $templateCode);
} else {
$templateCode = str_replace('<%%VALUE(description)%%>', htmlspecialchars($row['description'], ENT_QUOTES), $templateCode);
}
$templateCode = str_replace('<%%URLVALUE(description)%%>', urlencode($urow['description']), $templateCode);
} else {
$templateCode = str_replace('<%%VALUE(outcome_area_id)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(outcome_area_id)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(name)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(name)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(description)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(description)%%>', urlencode(''), $templateCode);
}
// process translations
foreach ($Translation as $symbol => $trans) {
$templateCode = str_replace("<%%TRANSLATION({$symbol})%%>", $trans, $templateCode);
}
// clear scrap
$templateCode = str_replace('<%%', '<!-- ', $templateCode);
$templateCode = str_replace('%%>', ' -->', $templateCode);
// hide links to inaccessible tables
if ($_POST['dvprint_x'] == '') {
$templateCode .= "\n\n<script>jQuery(function(){\n";
$arrTables = getTableList();
foreach ($arrTables as $name => $caption) {
$templateCode .= "\tjQuery('#{$name}_link').removeClass('hidden');\n";
$templateCode .= "\tjQuery('#xs_{$name}_link').removeClass('hidden');\n";
$templateCode .= "\tjQuery('[id^=\"{$name}_plink\"]').removeClass('hidden');\n";
}
$templateCode .= $jsReadOnly;
if (!$selected_id) {
}
$templateCode .= "\n});</script>\n";
}
// ajaxed auto-fill fields
$templateCode .= "<script>";
$templateCode .= "document.observe('dom:loaded', function() {";
$templateCode .= "});";
$templateCode .= "</script>";
$templateCode .= $lookups;
// handle enforced parent values for read-only lookup fields
// don't include blank images in lightbox gallery
$templateCode = preg_replace('/blank.gif" rel="lightbox\\[.*?\\]"/', 'blank.gif"', $templateCode);
// don't display empty email links
$templateCode = preg_replace('/<a .*?href="mailto:".*?<\\/a>/', '', $templateCode);
// hook: outcome_areas_dv
if (function_exists('outcome_areas_dv')) {
$args = array();
outcome_areas_dv($selected_id ? $selected_id : FALSE, getMemberInfo(), $templateCode, $args);
}
return $templateCode;
}
<?php
// This script and data application were generated by AppGini 5.31
// Download AppGini for free from http://bigprof.com/appgini/download/
$currDir = dirname(__FILE__);
include "{$currDir}/defaultLang.php";
include "{$currDir}/language.php";
include "{$currDir}/lib.php";
@(include "{$currDir}/hooks/residence_and_rental_history.php");
include "{$currDir}/residence_and_rental_history_dml.php";
// mm: can the current member access this page?
$perm = getTablePermissions('residence_and_rental_history');
if (!$perm[0]) {
echo error_message($Translation['tableAccessDenied'], false);
echo '<script>setTimeout("window.location=\'index.php?signOut=1\'", 2000);</script>';
exit;
}
$x = new DataList();
$x->TableName = "residence_and_rental_history";
// Fields that can be displayed in the table view
$x->QueryFieldsTV = array("`residence_and_rental_history`.`id`" => "id", "IF( CHAR_LENGTH(`applicants_and_tenants1`.`first_name`) || CHAR_LENGTH(`applicants_and_tenants1`.`last_name`), CONCAT_WS('', `applicants_and_tenants1`.`first_name`, ' ', `applicants_and_tenants1`.`last_name`), '') /* Tenant */" => "tenant", "`residence_and_rental_history`.`address`" => "address", "`residence_and_rental_history`.`landlord_or_manager_name`" => "landlord_or_manager_name", "`residence_and_rental_history`.`landlord_or_manager_phone`" => "landlord_or_manager_phone", "CONCAT('\$', FORMAT(`residence_and_rental_history`.`monthly_rent`, 2))" => "monthly_rent", "if(`residence_and_rental_history`.`duration_of_residency_from`,date_format(`residence_and_rental_history`.`duration_of_residency_from`,'%m/%d/%Y'),'')" => "duration_of_residency_from", "if(`residence_and_rental_history`.`to`,date_format(`residence_and_rental_history`.`to`,'%m/%d/%Y'),'')" => "to", "`residence_and_rental_history`.`reason_for_leaving`" => "reason_for_leaving", "`residence_and_rental_history`.`notes`" => "notes");
// mapping incoming sort by requests to actual query fields
$x->SortFields = array(1 => '`residence_and_rental_history`.`id`', 2 => 2, 3 => 3, 4 => 4, 5 => 5, 6 => '`residence_and_rental_history`.`monthly_rent`', 7 => '`residence_and_rental_history`.`duration_of_residency_from`', 8 => '`residence_and_rental_history`.`to`', 9 => 9, 10 => 10);
// Fields that can be displayed in the csv file
$x->QueryFieldsCSV = array("`residence_and_rental_history`.`id`" => "id", "IF( CHAR_LENGTH(`applicants_and_tenants1`.`first_name`) || CHAR_LENGTH(`applicants_and_tenants1`.`last_name`), CONCAT_WS('', `applicants_and_tenants1`.`first_name`, ' ', `applicants_and_tenants1`.`last_name`), '') /* Tenant */" => "tenant", "`residence_and_rental_history`.`address`" => "address", "`residence_and_rental_history`.`landlord_or_manager_name`" => "landlord_or_manager_name", "`residence_and_rental_history`.`landlord_or_manager_phone`" => "landlord_or_manager_phone", "CONCAT('\$', FORMAT(`residence_and_rental_history`.`monthly_rent`, 2))" => "monthly_rent", "if(`residence_and_rental_history`.`duration_of_residency_from`,date_format(`residence_and_rental_history`.`duration_of_residency_from`,'%m/%d/%Y'),'')" => "duration_of_residency_from", "if(`residence_and_rental_history`.`to`,date_format(`residence_and_rental_history`.`to`,'%m/%d/%Y'),'')" => "to", "`residence_and_rental_history`.`reason_for_leaving`" => "reason_for_leaving", "`residence_and_rental_history`.`notes`" => "notes");
// Fields that can be filtered
$x->QueryFieldsFilters = array("`residence_and_rental_history`.`id`" => "ID", "IF( CHAR_LENGTH(`applicants_and_tenants1`.`first_name`) || CHAR_LENGTH(`applicants_and_tenants1`.`last_name`), CONCAT_WS('', `applicants_and_tenants1`.`first_name`, ' ', `applicants_and_tenants1`.`last_name`), '') /* Tenant */" => "Tenant", "`residence_and_rental_history`.`address`" => "Address", "`residence_and_rental_history`.`landlord_or_manager_name`" => "Landlord/manager name", "`residence_and_rental_history`.`landlord_or_manager_phone`" => "Landlord/manager phone", "`residence_and_rental_history`.`monthly_rent`" => "Monthly rent", "`residence_and_rental_history`.`duration_of_residency_from`" => "Duration of residency from", "`residence_and_rental_history`.`to`" => "to", "`residence_and_rental_history`.`reason_for_leaving`" => "Reason for leaving", "`residence_and_rental_history`.`notes`" => "Notes");
// Fields that can be quick searched
$x->QueryFieldsQS = array("`residence_and_rental_history`.`id`" => "id", "IF( CHAR_LENGTH(`applicants_and_tenants1`.`first_name`) || CHAR_LENGTH(`applicants_and_tenants1`.`last_name`), CONCAT_WS('', `applicants_and_tenants1`.`first_name`, ' ', `applicants_and_tenants1`.`last_name`), '') /* Tenant */" => "tenant", "`residence_and_rental_history`.`address`" => "address", "`residence_and_rental_history`.`landlord_or_manager_name`" => "landlord_or_manager_name", "`residence_and_rental_history`.`landlord_or_manager_phone`" => "landlord_or_manager_phone", "CONCAT('\$', FORMAT(`residence_and_rental_history`.`monthly_rent`, 2))" => "monthly_rent", "if(`residence_and_rental_history`.`duration_of_residency_from`,date_format(`residence_and_rental_history`.`duration_of_residency_from`,'%m/%d/%Y'),'')" => "duration_of_residency_from", "if(`residence_and_rental_history`.`to`,date_format(`residence_and_rental_history`.`to`,'%m/%d/%Y'),'')" => "to", "`residence_and_rental_history`.`reason_for_leaving`" => "reason_for_leaving", "`residence_and_rental_history`.`notes`" => "notes");
// Lookup fields that can be used as filterers
$x->filterers = array('tenant' => 'Tenant');
<?php
// This script and data application were generated by AppGini 5.50
// Download AppGini for free from http://bigprof.com/appgini/download/
$currDir = dirname(__FILE__);
include "{$currDir}/defaultLang.php";
include "{$currDir}/language.php";
include "{$currDir}/lib.php";
@(include "{$currDir}/hooks/duck_mrs2016.php");
include "{$currDir}/duck_mrs2016_dml.php";
// mm: can the current member access this page?
$perm = getTablePermissions('duck_mrs2016');
if (!$perm[0]) {
echo error_message($Translation['tableAccessDenied'], false);
echo '<script>setTimeout("window.location=\'index.php?signOut=1\'", 2000);</script>';
exit;
}
$x = new DataList();
$x->TableName = "duck_mrs2016";
// Fields that can be displayed in the table view
$x->QueryFieldsTV = array("`duck_mrs2016`.`duck_id`" => "duck_id", "IF( CHAR_LENGTH(`trans_mrs20161`.`transaction_id`), CONCAT_WS('', `trans_mrs20161`.`transaction_id`), '') /* Transactie nr */" => "transaction_id", "`duck_mrs2016`.`creationdate`" => "creationdate");
// mapping incoming sort by requests to actual query fields
$x->SortFields = array(1 => '`duck_mrs2016`.`duck_id`', 2 => 2, 3 => 3);
// Fields that can be displayed in the csv file
$x->QueryFieldsCSV = array("`duck_mrs2016`.`duck_id`" => "duck_id", "IF( CHAR_LENGTH(`trans_mrs20161`.`transaction_id`), CONCAT_WS('', `trans_mrs20161`.`transaction_id`), '') /* Transactie nr */" => "transaction_id", "`duck_mrs2016`.`creationdate`" => "creationdate");
// Fields that can be filtered
$x->QueryFieldsFilters = array("`duck_mrs2016`.`duck_id`" => "Badeend nr", "IF( CHAR_LENGTH(`trans_mrs20161`.`transaction_id`), CONCAT_WS('', `trans_mrs20161`.`transaction_id`), '') /* Transactie nr */" => "Transactie nr", "`duck_mrs2016`.`creationdate`" => "Creationdate");
// Fields that can be quick searched
$x->QueryFieldsQS = array("`duck_mrs2016`.`duck_id`" => "duck_id", "IF( CHAR_LENGTH(`trans_mrs20161`.`transaction_id`), CONCAT_WS('', `trans_mrs20161`.`transaction_id`), '') /* Transactie nr */" => "transaction_id", "`duck_mrs2016`.`creationdate`" => "creationdate");
// Lookup fields that can be used as filterers
$x->filterers = array('transaction_id' => 'Transactie nr');
<?php
// This script and data application were generated by AppGini 5.42
// Download AppGini for free from http://bigprof.com/appgini/download/
$currDir = dirname(__FILE__);
include "{$currDir}/defaultLang.php";
include "{$currDir}/language.php";
include "{$currDir}/lib.php";
@(include "{$currDir}/hooks/order_details.php");
include "{$currDir}/order_details_dml.php";
// mm: can the current member access this page?
$perm = getTablePermissions('order_details');
if (!$perm[0]) {
echo error_message($Translation['tableAccessDenied'], false);
echo '<script>setTimeout("window.location=\'index.php?signOut=1\'", 2000);</script>';
exit;
}
$x = new DataList();
$x->TableName = "order_details";
// Fields that can be displayed in the table view
$x->QueryFieldsTV = array("`order_details`.`odID`" => "odID", "IF( CHAR_LENGTH(`orders1`.`OrderID`), CONCAT_WS('', `orders1`.`OrderID`), '') /* Order ID */" => "OrderID", "IF( CHAR_LENGTH(`products1`.`ProductName`), CONCAT_WS('', `products1`.`ProductName`), '') /* Product */" => "ProductID", "IF( CHAR_LENGTH(`categories1`.`CategoryName`) || CHAR_LENGTH(`suppliers1`.`CompanyName`), CONCAT_WS('', `categories1`.`CategoryName`, `suppliers1`.`CompanyName`), '') /* Category */" => "Category", "CONCAT('\$', FORMAT(`order_details`.`UnitPrice`, 2))" => "UnitPrice", "`order_details`.`Quantity`" => "Quantity", "CONCAT('\$', FORMAT(`order_details`.`Discount`, 2))" => "Discount");
// mapping incoming sort by requests to actual query fields
$x->SortFields = array(1 => '`order_details`.`odID`', 2 => 2, 3 => 3, 4 => 4, 5 => '`order_details`.`UnitPrice`', 6 => '`order_details`.`Quantity`', 7 => '`order_details`.`Discount`');
// Fields that can be displayed in the csv file
$x->QueryFieldsCSV = array("`order_details`.`odID`" => "odID", "IF( CHAR_LENGTH(`orders1`.`OrderID`), CONCAT_WS('', `orders1`.`OrderID`), '') /* Order ID */" => "OrderID", "IF( CHAR_LENGTH(`products1`.`ProductName`), CONCAT_WS('', `products1`.`ProductName`), '') /* Product */" => "ProductID", "IF( CHAR_LENGTH(`categories1`.`CategoryName`) || CHAR_LENGTH(`suppliers1`.`CompanyName`), CONCAT_WS('', `categories1`.`CategoryName`, `suppliers1`.`CompanyName`), '') /* Category */" => "Category", "CONCAT('\$', FORMAT(`order_details`.`UnitPrice`, 2))" => "UnitPrice", "`order_details`.`Quantity`" => "Quantity", "CONCAT('\$', FORMAT(`order_details`.`Discount`, 2))" => "Discount");
// Fields that can be filtered
$x->QueryFieldsFilters = array("`order_details`.`odID`" => "ID", "IF( CHAR_LENGTH(`orders1`.`OrderID`), CONCAT_WS('', `orders1`.`OrderID`), '') /* Order ID */" => "Order ID", "IF( CHAR_LENGTH(`products1`.`ProductName`), CONCAT_WS('', `products1`.`ProductName`), '') /* Product */" => "Product", "IF( CHAR_LENGTH(`categories1`.`CategoryName`) || CHAR_LENGTH(`suppliers1`.`CompanyName`), CONCAT_WS('', `categories1`.`CategoryName`, `suppliers1`.`CompanyName`), '') /* Category */" => "Category", "`order_details`.`UnitPrice`" => "Unit Price", "`order_details`.`Quantity`" => "Quantity", "`order_details`.`Discount`" => "Discount");
// Fields that can be quick searched
$x->QueryFieldsQS = array("`order_details`.`odID`" => "odID", "IF( CHAR_LENGTH(`orders1`.`OrderID`), CONCAT_WS('', `orders1`.`OrderID`), '') /* Order ID */" => "OrderID", "IF( CHAR_LENGTH(`products1`.`ProductName`), CONCAT_WS('', `products1`.`ProductName`), '') /* Product */" => "ProductID", "IF( CHAR_LENGTH(`categories1`.`CategoryName`) || CHAR_LENGTH(`suppliers1`.`CompanyName`), CONCAT_WS('', `categories1`.`CategoryName`, `suppliers1`.`CompanyName`), '') /* Category */" => "Category", "CONCAT('\$', FORMAT(`order_details`.`UnitPrice`, 2))" => "UnitPrice", "`order_details`.`Quantity`" => "Quantity", "CONCAT('\$', FORMAT(`order_details`.`Discount`, 2))" => "Discount");
// Lookup fields that can be used as filterers
$x->filterers = array('OrderID' => 'Order ID', 'ProductID' => 'Product');
<?php
// This script and data application were generated by AppGini 5.50
// Download AppGini for free from http://bigprof.com/appgini/download/
$currDir = dirname(__FILE__);
include "{$currDir}/defaultLang.php";
include "{$currDir}/language.php";
include "{$currDir}/lib.php";
@(include "{$currDir}/hooks/shippers.php");
include "{$currDir}/shippers_dml.php";
// mm: can the current member access this page?
$perm = getTablePermissions('shippers');
if (!$perm[0]) {
echo error_message($Translation['tableAccessDenied'], false);
echo '<script>setTimeout("window.location=\'index.php?signOut=1\'", 2000);</script>';
exit;
}
$x = new DataList();
$x->TableName = "shippers";
// Fields that can be displayed in the table view
$x->QueryFieldsTV = array("`shippers`.`ShipperID`" => "ShipperID", "`shippers`.`CompanyName`" => "CompanyName", "`shippers`.`Phone`" => "Phone");
// mapping incoming sort by requests to actual query fields
$x->SortFields = array(1 => '`shippers`.`ShipperID`', 2 => 2, 3 => 3);
// Fields that can be displayed in the csv file
$x->QueryFieldsCSV = array("`shippers`.`ShipperID`" => "ShipperID", "`shippers`.`CompanyName`" => "CompanyName", "`shippers`.`Phone`" => "Phone");
// Fields that can be filtered
$x->QueryFieldsFilters = array("`shippers`.`ShipperID`" => "Shipper ID", "`shippers`.`CompanyName`" => "Company Name", "`shippers`.`Phone`" => "Phone");
// Fields that can be quick searched
$x->QueryFieldsQS = array("`shippers`.`ShipperID`" => "ShipperID", "`shippers`.`CompanyName`" => "CompanyName", "`shippers`.`Phone`" => "Phone");
// Lookup fields that can be used as filterers
$x->filterers = array();
<?php
// This script and data application were generated by AppGini 4.52
// Download AppGini for free from http://www.bigprof.com/appgini/download/
$d = dirname(__FILE__);
include "{$d}/defaultLang.php";
include "{$d}/language.php";
include "{$d}/lib.php";
@(include "{$d}/hooks/diseases.php");
include "{$d}/diseases_dml.php";
// mm: can the current member access this page?
$perm = getTablePermissions('diseases');
if (!$perm[0]) {
echo StyleSheet();
echo "<div class=\"error\">" . $Translation['tableAccessDenied'] . "</div>";
echo '<script language="javaScript">setInterval("window.location=\'index.php?signOut=1\'", 2000);</script>';
exit;
}
$x = new DataList();
$x->TableName = "diseases";
// Fields that can be displayed in the table view
$x->QueryFieldsTV = array("`diseases`.`id`" => "ID", "`diseases`.`short_name`" => "Short name", "`diseases`.`latin_name`" => "Latin name", "`diseases`.`description`" => "Description", "`diseases`.`other_details`" => "Other details", "`diseases`.`comments`" => "Comments");
// Fields that can be displayed in the csv file
$x->QueryFieldsCSV = array("`diseases`.`id`" => "ID", "`diseases`.`short_name`" => "Short name", "`diseases`.`latin_name`" => "Latin name", "`diseases`.`description`" => "Description", "`diseases`.`other_details`" => "Other details", "`diseases`.`comments`" => "Comments");
// Fields that can be filtered
$x->QueryFieldsFilters = array("`diseases`.`id`" => "ID", "`diseases`.`short_name`" => "Short name", "`diseases`.`latin_name`" => "Latin name", "`diseases`.`description`" => "Description", "`diseases`.`other_details`" => "Other details", "`diseases`.`comments`" => "Comments");
// Fields that can be quick searched
$x->QueryFieldsQS = array("`diseases`.`id`" => "ID", "`diseases`.`short_name`" => "Short name", "`diseases`.`latin_name`" => "Latin name", "`diseases`.`description`" => "Description", "`diseases`.`other_details`" => "Other details", "`diseases`.`comments`" => "Comments");
$x->QueryFrom = "`diseases` ";
$x->QueryWhere = '';
$x->QueryOrder = '';
<?php
// This script and data application were generated by AppGini 5.42
// Download AppGini for free from http://bigprof.com/appgini/download/
$currDir = dirname(__FILE__);
include "{$currDir}/defaultLang.php";
include "{$currDir}/language.php";
include "{$currDir}/lib.php";
@(include "{$currDir}/hooks/employees.php");
include "{$currDir}/employees_dml.php";
// mm: can the current member access this page?
$perm = getTablePermissions('employees');
if (!$perm[0]) {
echo error_message($Translation['tableAccessDenied'], false);
echo '<script>setTimeout("window.location=\'index.php?signOut=1\'", 2000);</script>';
exit;
}
$x = new DataList();
$x->TableName = "employees";
// Fields that can be displayed in the table view
$x->QueryFieldsTV = array("`employees`.`EmployeeID`" => "EmployeeID", "`employees`.`TitleOfCourtesy`" => "TitleOfCourtesy", "`employees`.`Photo`" => "Photo", "`employees`.`LastName`" => "LastName", "`employees`.`FirstName`" => "FirstName", "`employees`.`Title`" => "Title", "if(`employees`.`BirthDate`,date_format(`employees`.`BirthDate`,'%m/%d/%Y'),'')" => "BirthDate", "if(`employees`.`HireDate`,date_format(`employees`.`HireDate`,'%m/%d/%Y'),'')" => "HireDate", "`employees`.`Address`" => "Address", "`employees`.`City`" => "City", "`employees`.`Region`" => "Region", "`employees`.`PostalCode`" => "PostalCode", "`employees`.`Country`" => "Country", "`employees`.`HomePhone`" => "HomePhone", "`employees`.`Extension`" => "Extension", "`employees`.`Notes`" => "Notes", "IF( CHAR_LENGTH(`employees1`.`LastName`) || CHAR_LENGTH(`employees1`.`FirstName`), CONCAT_WS('', `employees1`.`LastName`, ', ', `employees1`.`FirstName`), '') /* ReportsTo */" => "ReportsTo");
// mapping incoming sort by requests to actual query fields
$x->SortFields = array(1 => '`employees`.`EmployeeID`', 2 => 2, 3 => 3, 4 => 4, 5 => 5, 6 => 6, 7 => '`employees`.`BirthDate`', 8 => '`employees`.`HireDate`', 9 => 9, 10 => 10, 11 => 11, 12 => 12, 13 => 13, 14 => 14, 15 => 15, 16 => 16, 17 => 17);
// Fields that can be displayed in the csv file
$x->QueryFieldsCSV = array("`employees`.`EmployeeID`" => "EmployeeID", "`employees`.`TitleOfCourtesy`" => "TitleOfCourtesy", "`employees`.`Photo`" => "Photo", "`employees`.`LastName`" => "LastName", "`employees`.`FirstName`" => "FirstName", "`employees`.`Title`" => "Title", "if(`employees`.`BirthDate`,date_format(`employees`.`BirthDate`,'%m/%d/%Y'),'')" => "BirthDate", "if(`employees`.`HireDate`,date_format(`employees`.`HireDate`,'%m/%d/%Y'),'')" => "HireDate", "`employees`.`Address`" => "Address", "`employees`.`City`" => "City", "`employees`.`Region`" => "Region", "`employees`.`PostalCode`" => "PostalCode", "`employees`.`Country`" => "Country", "`employees`.`HomePhone`" => "HomePhone", "`employees`.`Extension`" => "Extension", "`employees`.`Notes`" => "Notes", "IF( CHAR_LENGTH(`employees1`.`LastName`) || CHAR_LENGTH(`employees1`.`FirstName`), CONCAT_WS('', `employees1`.`LastName`, ', ', `employees1`.`FirstName`), '') /* ReportsTo */" => "ReportsTo");
// Fields that can be filtered
$x->QueryFieldsFilters = array("`employees`.`EmployeeID`" => "Employee ID", "`employees`.`TitleOfCourtesy`" => "Title Of Courtesy", "`employees`.`LastName`" => "Last Name", "`employees`.`FirstName`" => "First Name", "`employees`.`Title`" => "Title", "`employees`.`BirthDate`" => "Birth Date", "`employees`.`HireDate`" => "Hire Date", "`employees`.`Address`" => "Address", "`employees`.`City`" => "City", "`employees`.`Region`" => "Region", "`employees`.`PostalCode`" => "Postal Code", "`employees`.`Country`" => "Country", "`employees`.`HomePhone`" => "Home Phone", "`employees`.`Extension`" => "Extension", "`employees`.`Notes`" => "Notes");
// Fields that can be quick searched
$x->QueryFieldsQS = array("`employees`.`EmployeeID`" => "EmployeeID", "`employees`.`TitleOfCourtesy`" => "TitleOfCourtesy", "`employees`.`LastName`" => "LastName", "`employees`.`FirstName`" => "FirstName", "`employees`.`Title`" => "Title", "if(`employees`.`BirthDate`,date_format(`employees`.`BirthDate`,'%m/%d/%Y'),'')" => "BirthDate", "if(`employees`.`HireDate`,date_format(`employees`.`HireDate`,'%m/%d/%Y'),'')" => "HireDate", "`employees`.`Address`" => "Address", "`employees`.`City`" => "City", "`employees`.`Region`" => "Region", "`employees`.`PostalCode`" => "PostalCode", "`employees`.`Country`" => "Country", "`employees`.`HomePhone`" => "HomePhone", "`employees`.`Extension`" => "Extension", "`employees`.`Notes`" => "Notes");
// Lookup fields that can be used as filterers
$x->filterers = array('ReportsTo' => 'ReportsTo');
<?php
// This script and data application were generated by AppGini 5.31
// Download AppGini for free from http://bigprof.com/appgini/download/
$currDir = dirname(__FILE__);
include "{$currDir}/defaultLang.php";
include "{$currDir}/language.php";
include "{$currDir}/lib.php";
@(include "{$currDir}/hooks/employment_and_income_history.php");
include "{$currDir}/employment_and_income_history_dml.php";
// mm: can the current member access this page?
$perm = getTablePermissions('employment_and_income_history');
if (!$perm[0]) {
echo error_message($Translation['tableAccessDenied'], false);
echo '<script>setTimeout("window.location=\'index.php?signOut=1\'", 2000);</script>';
exit;
}
$x = new DataList();
$x->TableName = "employment_and_income_history";
// Fields that can be displayed in the table view
$x->QueryFieldsTV = array("`employment_and_income_history`.`id`" => "id", "IF( CHAR_LENGTH(`applicants_and_tenants1`.`first_name`) || CHAR_LENGTH(`applicants_and_tenants1`.`last_name`), CONCAT_WS('', `applicants_and_tenants1`.`first_name`, ' ', `applicants_and_tenants1`.`last_name`), '') /* Tenant */" => "tenant", "`employment_and_income_history`.`employer_name`" => "employer_name", "`employment_and_income_history`.`city`" => "city", "CONCAT_WS('-', LEFT(`employment_and_income_history`.`employer_phone`,3), MID(`employment_and_income_history`.`employer_phone`,4,3), RIGHT(`employment_and_income_history`.`employer_phone`,4))" => "employer_phone", "if(`employment_and_income_history`.`employed_from`,date_format(`employment_and_income_history`.`employed_from`,'%m/%d/%Y'),'')" => "employed_from", "if(`employment_and_income_history`.`employed_till`,date_format(`employment_and_income_history`.`employed_till`,'%m/%d/%Y'),'')" => "employed_till", "`employment_and_income_history`.`occupation`" => "occupation", "`employment_and_income_history`.`notes`" => "notes");
// mapping incoming sort by requests to actual query fields
$x->SortFields = array(1 => '`employment_and_income_history`.`id`', 2 => 2, 3 => 3, 4 => 4, 5 => 5, 6 => '`employment_and_income_history`.`employed_from`', 7 => '`employment_and_income_history`.`employed_till`', 8 => 8, 9 => 9);
// Fields that can be displayed in the csv file
$x->QueryFieldsCSV = array("`employment_and_income_history`.`id`" => "id", "IF( CHAR_LENGTH(`applicants_and_tenants1`.`first_name`) || CHAR_LENGTH(`applicants_and_tenants1`.`last_name`), CONCAT_WS('', `applicants_and_tenants1`.`first_name`, ' ', `applicants_and_tenants1`.`last_name`), '') /* Tenant */" => "tenant", "`employment_and_income_history`.`employer_name`" => "employer_name", "`employment_and_income_history`.`city`" => "city", "CONCAT_WS('-', LEFT(`employment_and_income_history`.`employer_phone`,3), MID(`employment_and_income_history`.`employer_phone`,4,3), RIGHT(`employment_and_income_history`.`employer_phone`,4))" => "employer_phone", "if(`employment_and_income_history`.`employed_from`,date_format(`employment_and_income_history`.`employed_from`,'%m/%d/%Y'),'')" => "employed_from", "if(`employment_and_income_history`.`employed_till`,date_format(`employment_and_income_history`.`employed_till`,'%m/%d/%Y'),'')" => "employed_till", "`employment_and_income_history`.`occupation`" => "occupation", "`employment_and_income_history`.`notes`" => "notes");
// Fields that can be filtered
$x->QueryFieldsFilters = array("`employment_and_income_history`.`id`" => "ID", "IF( CHAR_LENGTH(`applicants_and_tenants1`.`first_name`) || CHAR_LENGTH(`applicants_and_tenants1`.`last_name`), CONCAT_WS('', `applicants_and_tenants1`.`first_name`, ' ', `applicants_and_tenants1`.`last_name`), '') /* Tenant */" => "Tenant", "`employment_and_income_history`.`employer_name`" => "Employer name", "`employment_and_income_history`.`city`" => "City", "`employment_and_income_history`.`employer_phone`" => "Employer phone", "`employment_and_income_history`.`employed_from`" => "employed from", "`employment_and_income_history`.`employed_till`" => "Employed till", "`employment_and_income_history`.`occupation`" => "Occupation", "`employment_and_income_history`.`notes`" => "Notes");
// Fields that can be quick searched
$x->QueryFieldsQS = array("`employment_and_income_history`.`id`" => "id", "IF( CHAR_LENGTH(`applicants_and_tenants1`.`first_name`) || CHAR_LENGTH(`applicants_and_tenants1`.`last_name`), CONCAT_WS('', `applicants_and_tenants1`.`first_name`, ' ', `applicants_and_tenants1`.`last_name`), '') /* Tenant */" => "tenant", "`employment_and_income_history`.`employer_name`" => "employer_name", "`employment_and_income_history`.`city`" => "city", "CONCAT_WS('-', LEFT(`employment_and_income_history`.`employer_phone`,3), MID(`employment_and_income_history`.`employer_phone`,4,3), RIGHT(`employment_and_income_history`.`employer_phone`,4))" => "employer_phone", "if(`employment_and_income_history`.`employed_from`,date_format(`employment_and_income_history`.`employed_from`,'%m/%d/%Y'),'')" => "employed_from", "if(`employment_and_income_history`.`employed_till`,date_format(`employment_and_income_history`.`employed_till`,'%m/%d/%Y'),'')" => "employed_till", "`employment_and_income_history`.`occupation`" => "occupation", "`employment_and_income_history`.`notes`" => "notes");
// Lookup fields that can be used as filterers
$x->filterers = array('tenant' => 'Tenant');
member_activity($mi, 'password', $args);
}
exit;
}
/* get profile info */
/*
$mi already contains the profile info, as documented at:
http://bigprof.com/appgini/help/working-with-generated-web-database-application/hooks/memberInfo
custom field names are stored in $adminConfig['custom1'] to $adminConfig['custom4']
*/
$permissions = array();
$userTables = getTableList();
if (is_array($userTables)) {
foreach ($userTables as $tn => $tc) {
$permissions[$tn] = getTablePermissions($tn);
}
}
/* the profile page view */
include_once "{$currDir}/header.php";
?>
<div class="page-header">
<h1><?php
echo sprintf($Translation['Hello user'], $mi['username']);
?>
</h1>
</div>
<div id="notify" class="alert alert-success" style="display: none;"></div>
<div id="loader" style="display: none;"><i class="glyphicon glyphicon-refresh"></i> <?php
echo $Translation['Loading ...'];
function patients_form($selected_id = "", $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0)
{
// function to return an editable form for a table records
// and fill it with data of record whose ID is $selected_id. If $selected_id
// is empty, an empty form is shown, with only an 'Add New'
// button displayed.
global $Translation;
// mm: get table permissions
$arrPerm = getTablePermissions('patients');
if (!$arrPerm[1] && $selected_id == "") {
return "";
}
// combobox: gender
$combo_gender = new Combo();
$combo_gender->ListType = 2;
$combo_gender->MultipleSeparator = ', ';
$combo_gender->ListBoxHeight = 10;
$combo_gender->RadiosPerLine = 1;
if (is_file(dirname(__FILE__) . '/hooks/patients.gender.csv')) {
$gender_data = addslashes(implode('', @file(dirname(__FILE__) . '/hooks/patients.gender.csv')));
$combo_gender->ListItem = explode(";;", $gender_data);
$combo_gender->ListData = explode(";;", $gender_data);
} else {
$combo_gender->ListItem = explode(";;", "Male;;Female;;Other;;Unknown");
$combo_gender->ListData = explode(";;", "Male;;Female;;Other;;Unknown");
}
$combo_gender->SelectName = "gender";
$combo_gender->AllowNull = false;
// combobox: birth_date
$combo_birth_date = new DateCombo();
$combo_birth_date->DateFormat = "mdy";
$combo_birth_date->MinYear = 1900;
$combo_birth_date->MaxYear = 2100;
$combo_birth_date->DefaultDate = parseMySQLDate('', '');
$combo_birth_date->MonthNames = $Translation['month names'];
$combo_birth_date->CSSOptionClass = 'Option';
$combo_birth_date->CSSSelectedClass = 'SelectedOption';
$combo_birth_date->NamePrefix = 'birth_date';
// combobox: state
$combo_state = new Combo();
$combo_state->ListType = 0;
$combo_state->MultipleSeparator = ', ';
$combo_state->ListBoxHeight = 10;
$combo_state->RadiosPerLine = 1;
if (is_file(dirname(__FILE__) . '/hooks/patients.state.csv')) {
$state_data = addslashes(implode('', @file(dirname(__FILE__) . '/hooks/patients.state.csv')));
$combo_state->ListItem = explode(";;", $state_data);
$combo_state->ListData = explode(";;", $state_data);
} else {
$combo_state->ListItem = explode(";;", "AL;;AK;;AS;;AZ;;AR;;CA;;CO;;CT;;DE;;DC;;FM;;FL;;GA;;GU;;HI;;ID;;IL;;IN;;IA;;KS;;KY;;LA;;ME;;MH;;MD;;MA;;MI;;MN;;MS;;MO;;MT;;NE;;NV;;NH;;NJ;;NM;;NY;;NC;;ND;;MP;;OH;;OK;;OR;;PW;;PA;;PR;;RI;;SC;;SD;;TN;;TX;;UT;;VT;;VI;;VA;;WA;;WV;;WI;;WY");
$combo_state->ListData = explode(";;", "AL;;AK;;AS;;AZ;;AR;;CA;;CO;;CT;;DE;;DC;;FM;;FL;;GA;;GU;;HI;;ID;;IL;;IN;;IA;;KS;;KY;;LA;;ME;;MH;;MD;;MA;;MI;;MN;;MS;;MO;;MT;;NE;;NV;;NH;;NJ;;NM;;NY;;NC;;ND;;MP;;OH;;OK;;OR;;PW;;PA;;PR;;RI;;SC;;SD;;TN;;TX;;UT;;VT;;VI;;VA;;WA;;WV;;WI;;WY");
}
$combo_state->SelectName = "state";
if ($selected_id) {
// mm: check member permissions
if (!$arrPerm[2]) {
return "";
}
// mm: who is the owner?
$ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='patients' and pkValue='" . makeSafe($selected_id) . "'");
$ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='patients' and pkValue='" . makeSafe($selected_id) . "'");
if ($arrPerm[2] == 1 && getLoggedMemberID() != $ownerMemberID) {
return "";
}
if ($arrPerm[2] == 2 && getLoggedGroupID() != $ownerGroupID) {
return "";
}
// can edit?
if ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[3] == 3) {
$AllowUpdate = 1;
} else {
$AllowUpdate = 0;
}
$res = sql("select * from `patients` where `id`='" . makeSafe($selected_id) . "'");
$row = mysql_fetch_array($res);
$combo_gender->SelectedData = $row["gender"];
$combo_birth_date->DefaultDate = $row["birth_date"];
$combo_state->SelectedData = $row["state"];
$row['filed'] = sqlValue("select DATE_FORMAT(`filed`, '%c/%e/%Y %l:%i%p') from `patients` where `id`='" . makeSafe($selected_id) . "'");
$row['last_modified'] = sqlValue("select DATE_FORMAT(`last_modified`, '%c/%e/%Y %l:%i%p') from `patients` where `id`='" . makeSafe($selected_id) . "'");
} else {
$combo_gender->SelectedText = $_REQUEST['FilterField'][1] == '4' && $_REQUEST['FilterOperator'][1] == '<=>' ? get_magic_quotes_gpc() ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1] : "Unknown";
$combo_state->SelectedText = $_REQUEST['FilterField'][1] == '9' && $_REQUEST['FilterOperator'][1] == '<=>' ? get_magic_quotes_gpc() ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1] : "";
}
$combo_gender->Render();
$combo_state->Render();
// code for template based detail view forms
// open the detail view template
if (($_POST['dvprint_x'] != '' || $_GET['dvprint_x'] != '') && $selected_id) {
$templateCode = @implode('', @file('./templates/patients_templateDVP.html'));
$dvprint = true;
} else {
$templateCode = @implode('', @file('./templates/patients_templateDV.html'));
$dvprint = false;
}
// process form title
$templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Patient details', $templateCode);
// unique random identifier
$rnd1 = $dvprint ? rand(1000000, 9999999) : '';
$templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode);
// process buttons
if ($arrPerm[1] && !$selected_id) {
// allow insert and no record selected?
$templateCode = str_replace('<%%INSERT_BUTTON%%>', '<input type="image" src="insert.gif" name="insert" alt="' . $Translation['add new record'] . '" onclick="return validateData();">', $templateCode);
} else {
$templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode);
}
if ($selected_id) {
$templateCode = str_replace('<%%DVPRINT_BUTTON%%>', '<input type="image" src="print.gif" vspace="1" name="dvprint" id="dvprint" alt="' . $Translation['printer friendly view'] . '" onclick="document.myform.reset(); return true;" style="margin-bottom: 20px;">', $templateCode);
if ($AllowUpdate) {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<input type="image" src="update.gif" vspace="1" name="update" alt="' . $Translation['update record'] . '" onclick="return validateData();">', $templateCode);
} else {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
// set records to read only if user can't insert new records
if (!$arrPerm[1]) {
$jsReadOnly .= "\n\n\tif(document.getElementsByName('id').length){ document.getElementsByName('id')[0].readOnly=true; }\n";
$jsReadOnly .= "\n\n\tif(document.getElementsByName('last_name').length){ document.getElementsByName('last_name')[0].readOnly=true; }\n";
$jsReadOnly .= "\n\n\tif(document.getElementsByName('first_name').length){ document.getElementsByName('first_name')[0].readOnly=true; }\n";
$jsReadOnly .= "\n\n\tif(document.getElementsByName('gender').length){ var gender=document.getElementsByName('gender'); for(var i=0; i<gender.length; i++){ gender[i].disabled=true; } }\n";
$jsReadOnly .= "\n\n\tif(document.getElementsByName('birth_date').length){ document.getElementsByName('birth_date')[0].readOnly=true; }\n";
$jsReadOnly .= "\n\n\tif(document.getElementsByName('birth_dateDay').length){ var birth_dateDay=document.getElementsByName('birth_dateDay')[0]; birth_dateDay.disabled=true; birth_dateDay.style.backgroundColor='white'; birth_dateDay.style.color='black'; }\n";
$jsReadOnly .= "\n\n\tif(document.getElementsByName('birth_dateMonth').length){ var birth_dateMonth=document.getElementsByName('birth_dateMonth')[0]; birth_dateMonth.disabled=true; birth_dateMonth.style.backgroundColor='white'; birth_dateMonth.style.color='black'; }\n";
$jsReadOnly .= "\n\n\tif(document.getElementsByName('birth_dateYear').length){ var birth_dateYear=document.getElementsByName('birth_dateYear')[0]; birth_dateYear.disabled=true; birth_dateYear.style.backgroundColor='white'; birth_dateYear.style.color='black'; }\n";
$jsReadOnly .= "\n\n\tif(document.getElementsByName('age').length){ document.getElementsByName('age')[0].readOnly=true; }\n";
$jsReadOnly .= "\n\n\tif(document.getElementsByName('address').length){ document.getElementsByName('address')[0].readOnly=true; }\n";
$jsReadOnly .= "\n\n\tif(document.getElementsByName('city').length){ document.getElementsByName('city')[0].readOnly=true; }\n";
$jsReadOnly .= "\n\n\tif(document.getElementsByName('state').length){ var state=document.getElementsByName('state')[0]; state.disabled=true; state.style.backgroundColor='white'; state.style.color='black'; }\n";
$jsReadOnly .= "\n\n\tif(document.getElementsByName('zip').length){ document.getElementsByName('zip')[0].readOnly=true; }\n";
$jsReadOnly .= "\n\n\tif(document.getElementsByName('home_phone').length){ document.getElementsByName('home_phone')[0].readOnly=true; }\n";
$jsReadOnly .= "\n\n\tif(document.getElementsByName('work_phone').length){ document.getElementsByName('work_phone')[0].readOnly=true; }\n";
$jsReadOnly .= "\n\n\tif(document.getElementsByName('mobile').length){ document.getElementsByName('mobile')[0].readOnly=true; }\n";
$jsReadOnly .= "\n\n\tif(document.getElementsByName('filed').length){ document.getElementsByName('filed')[0].readOnly=true; }\n";
$jsReadOnly .= "\n\n\tif(document.getElementsByName('last_modified').length){ document.getElementsByName('last_modified')[0].readOnly=true; }\n";
$noUploads = true;
}
}
if ($arrPerm[4] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[4] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[4] == 3) {
// allow delete?
$templateCode = str_replace('<%%DELETE_BUTTON%%>', '<input type="image" src="delete.gif" vspace="1" name="delete" alt="' . $Translation['delete record'] . '" onClick="return confirm(\'' . $Translation['are you sure?'] . '\');">', $templateCode);
} else {
$templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
}
$templateCode = str_replace('<%%DESELECT_BUTTON%%>', "<input type=image src=deselect.gif vspace=1 name=deselect alt=\"" . $Translation['deselect record'] . "\" onclick=\"document.myform.reset(); return true;\">", $templateCode);
} else {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
$templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
$templateCode = str_replace('<%%DESELECT_BUTTON%%>', $ShowCancel ? "<input type=image src=cancel.gif vspace=1 name=deselect alt=\"" . $Translation['deselect record'] . "\" onclick=\"document.myform.reset(); return true;\">" : '', $templateCode);
}
// process combos
$templateCode = str_replace('<%%COMBO(gender)%%>', $combo_gender->HTML, $templateCode);
$templateCode = str_replace('<%%COMBOTEXT(gender)%%>', $combo_gender->SelectedData, $templateCode);
$templateCode = str_replace('<%%COMBO(birth_date)%%>', $combo_birth_date->GetHTML(), $templateCode);
$templateCode = str_replace('<%%COMBOTEXT(birth_date)%%>', $combo_birth_date->GetHTML(true), $templateCode);
$templateCode = str_replace('<%%COMBO(state)%%>', $combo_state->HTML, $templateCode);
$templateCode = str_replace('<%%COMBOTEXT(state)%%>', $combo_state->SelectedData, $templateCode);
// process foreign key links
if ($selected_id) {
}
// process images
$templateCode = str_replace('<%%UPLOADFILE(id)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(last_name)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(first_name)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(gender)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(birth_date)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(age)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(address)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(city)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(state)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(zip)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(home_phone)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(work_phone)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(mobile)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(other_details)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(comments)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(filed)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(last_modified)%%>', '', $templateCode);
// process values
if ($selected_id) {
$templateCode = str_replace('<%%VALUE(id)%%>', htmlspecialchars($row['id'], ENT_QUOTES), $templateCode);
$templateCode = str_replace('<%%VALUE(last_name)%%>', htmlspecialchars($row['last_name'], ENT_QUOTES), $templateCode);
$templateCode = str_replace('<%%VALUE(first_name)%%>', htmlspecialchars($row['first_name'], ENT_QUOTES), $templateCode);
$templateCode = str_replace('<%%VALUE(gender)%%>', htmlspecialchars($row['gender'], ENT_QUOTES), $templateCode);
$templateCode = str_replace('<%%VALUE(birth_date)%%>', @date('n/j/Y', @strtotime(htmlspecialchars($row['birth_date'], ENT_QUOTES))), $templateCode);
$templateCode = str_replace('<%%VALUE(age)%%>', htmlspecialchars($row['age'], ENT_QUOTES), $templateCode);
$templateCode = str_replace('<%%VALUE(address)%%>', htmlspecialchars($row['address'], ENT_QUOTES), $templateCode);
$templateCode = str_replace('<%%VALUE(city)%%>', htmlspecialchars($row['city'], ENT_QUOTES), $templateCode);
$templateCode = str_replace('<%%VALUE(state)%%>', htmlspecialchars($row['state'], ENT_QUOTES), $templateCode);
$templateCode = str_replace('<%%VALUE(zip)%%>', htmlspecialchars($row['zip'], ENT_QUOTES), $templateCode);
$templateCode = str_replace('<%%VALUE(home_phone)%%>', htmlspecialchars($row['home_phone'], ENT_QUOTES), $templateCode);
$templateCode = str_replace('<%%VALUE(work_phone)%%>', htmlspecialchars($row['work_phone'], ENT_QUOTES), $templateCode);
$templateCode = str_replace('<%%VALUE(mobile)%%>', htmlspecialchars($row['mobile'], ENT_QUOTES), $templateCode);
if ($AllowUpdate || $AllowInsert) {
$templateCode = str_replace('<%%HTMLAREA(other_details)%%>', '<textarea name="other_details" id="other_details" cols="50" rows="5" class="TextBox">' . htmlspecialchars($row['other_details'], ENT_QUOTES) . '</textarea>', $templateCode);
} else {
$templateCode = str_replace('<%%HTMLAREA(other_details)%%>', $row['other_details'], $templateCode);
}
$templateCode = str_replace('<%%VALUE(other_details)%%>', $row['other_details'], $templateCode);
if ($AllowUpdate || $AllowInsert) {
$templateCode = str_replace('<%%HTMLAREA(comments)%%>', '<textarea name="comments" id="comments" cols="50" rows="5" class="TextBox">' . htmlspecialchars($row['comments'], ENT_QUOTES) . '</textarea>', $templateCode);
} else {
$templateCode = str_replace('<%%HTMLAREA(comments)%%>', $row['comments'], $templateCode);
}
$templateCode = str_replace('<%%VALUE(comments)%%>', $row['comments'], $templateCode);
$templateCode = str_replace('<%%VALUE(filed)%%>', htmlspecialchars($row['filed'], ENT_QUOTES), $templateCode);
$templateCode = str_replace('<%%VALUE(last_modified)%%>', htmlspecialchars($row['last_modified'], ENT_QUOTES), $templateCode);
} else {
$templateCode = str_replace('<%%VALUE(id)%%>', '', $templateCode);
$templateCode = str_replace('<%%VALUE(last_name)%%>', '', $templateCode);
$templateCode = str_replace('<%%VALUE(first_name)%%>', '', $templateCode);
$templateCode = str_replace('<%%VALUE(gender)%%>', 'Unknown', $templateCode);
$templateCode = str_replace('<%%VALUE(birth_date)%%>', '', $templateCode);
$templateCode = str_replace('<%%VALUE(age)%%>', '', $templateCode);
$templateCode = str_replace('<%%VALUE(address)%%>', '', $templateCode);
$templateCode = str_replace('<%%VALUE(city)%%>', '', $templateCode);
$templateCode = str_replace('<%%VALUE(state)%%>', '', $templateCode);
$templateCode = str_replace('<%%VALUE(zip)%%>', '', $templateCode);
$templateCode = str_replace('<%%VALUE(home_phone)%%>', '', $templateCode);
$templateCode = str_replace('<%%VALUE(work_phone)%%>', '', $templateCode);
$templateCode = str_replace('<%%VALUE(mobile)%%>', '', $templateCode);
$templateCode = str_replace('<%%HTMLAREA(other_details)%%>', '<textarea name="other_details" id="other_details" cols="50" rows="5" class="TextBox"></textarea>', $templateCode);
$templateCode = str_replace('<%%HTMLAREA(comments)%%>', '<textarea name="comments" id="comments" cols="50" rows="5" class="TextBox"></textarea>', $templateCode);
$templateCode = str_replace('<%%VALUE(filed)%%>', '<%%creationDateTime%%>', $templateCode);
$templateCode = str_replace('<%%VALUE(last_modified)%%>', '<%%editingDateTime%%>', $templateCode);
}
// process translations
foreach ($Translation as $symbol => $trans) {
$templateCode = str_replace("<%%TRANSLATION({$symbol})%%>", $trans, $templateCode);
}
// clear scrap
$templateCode = str_replace('<%%', '<!--', $templateCode);
$templateCode = str_replace('%%>', '-->', $templateCode);
// hide links to inaccessible tables
if ($_POST['dvprint_x'] == '') {
$templateCode .= "\n\n<script>\n";
$arrTables = getTableList();
foreach ($arrTables as $name => $caption) {
$templateCode .= "\tif(document.getElementById('" . $name . "_link')!=undefined){\n";
$templateCode .= "\t\tdocument.getElementById('" . $name . "_link').style.visibility='visible';\n";
$templateCode .= "\t}\n";
for ($i = 1; $i < 10; $i++) {
$templateCode .= "\tif(document.getElementById('" . $name . "_plink{$i}')!=undefined){\n";
$templateCode .= "\t\tdocument.getElementById('" . $name . "_plink{$i}').style.visibility='visible';\n";
$templateCode .= "\t}\n";
}
}
$templateCode .= $jsReadOnly;
if (!$selected_id) {
}
$templateCode .= "\n\tfunction validateData(){";
$templateCode .= "\n\t\tif(\$F('last_name')==''){ alert('" . addslashes($Translation['error:']) . ' "Last name": ' . addslashes($Translation['field not null']) . "'); \$('last_name').focus(); return false; }";
$templateCode .= "\n\t\tif(\$F('first_name')==''){ alert('" . addslashes($Translation['error:']) . ' "First name": ' . addslashes($Translation['field not null']) . "'); \$('first_name').focus(); return false; }";
$templateCode .= "\n\t\tif(\$F('gender')==''){ alert('" . addslashes($Translation['error:']) . ' "Gender": ' . addslashes($Translation['field not null']) . "'); \$('gender').focus(); return false; }";
$templateCode .= "\n\t\treturn true;";
$templateCode .= "\n\t}";
$templateCode .= "\n</script>\n";
}
// ajaxed auto-fill fields
$templateCode .= "<script>";
$templateCode .= "document.observe('dom:loaded', function() {";
$templateCode .= "});";
$templateCode .= "</script>";
// handle enforced parent values for read-only lookup fields
// don't include blank images in lightbox gallery
$templateCode = preg_replace('/blank.gif" rel="lightbox\\[.*?\\]"/', 'blank.gif"', $templateCode);
// don't display empty email links
$templateCode = preg_replace('/<a .*?href="mailto:".*?<\\/a>/', '', $templateCode);
// hook: patients_dv
if (function_exists('patients_dv')) {
$args = array();
patients_dv($selected_id ? $selected_id : FALSE, getMemberInfo(), $templateCode, $args);
}
return $templateCode;
}
function categories_form($selected_id = '', $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0)
{
// function to return an editable form for a table records
// and fill it with data of record whose ID is $selected_id. If $selected_id
// is empty, an empty form is shown, with only an 'Add New'
// button displayed.
global $Translation;
// mm: get table permissions
$arrPerm = getTablePermissions('categories');
if (!$arrPerm[1] && $selected_id == '') {
return '';
}
$AllowInsert = $arrPerm[1] ? true : false;
// print preview?
$dvprint = false;
if ($selected_id && $_REQUEST['dvprint_x'] != '') {
$dvprint = true;
}
// populate filterers, starting from children to grand-parents
// unique random identifier
$rnd1 = $dvprint ? rand(1000000, 9999999) : '';
if ($selected_id) {
// mm: check member permissions
if (!$arrPerm[2]) {
return "";
}
// mm: who is the owner?
$ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='categories' and pkValue='" . makeSafe($selected_id) . "'");
$ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='categories' and pkValue='" . makeSafe($selected_id) . "'");
if ($arrPerm[2] == 1 && getLoggedMemberID() != $ownerMemberID) {
return "";
}
if ($arrPerm[2] == 2 && getLoggedGroupID() != $ownerGroupID) {
return "";
}
// can edit?
if ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[3] == 3) {
$AllowUpdate = 1;
} else {
$AllowUpdate = 0;
}
$res = sql("select * from `categories` where `CategoryID`='" . makeSafe($selected_id) . "'", $eo);
if (!($row = db_fetch_array($res))) {
return error_message($Translation['No records found']);
}
$urow = $row;
/* unsanitized data */
$hc = new CI_Input();
$row = $hc->xss_clean($row);
/* sanitize data */
} else {
}
ob_start();
?>
<script>
// initial lookup values
jQuery(function() {
});
</script>
<?php
$lookups = str_replace('__RAND__', $rnd1, ob_get_contents());
ob_end_clean();
// code for template based detail view forms
// open the detail view template
if ($dvprint) {
$templateCode = @file_get_contents('./templates/categories_templateDVP.html');
} else {
$templateCode = @file_get_contents('./templates/categories_templateDV.html');
}
// process form title
$templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Add/Edit Product Categories', $templateCode);
$templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode);
$templateCode = str_replace('<%%EMBEDDED%%>', $_REQUEST['Embedded'] ? 'Embedded=1' : '', $templateCode);
// process buttons
if ($arrPerm[1] && !$selected_id) {
// allow insert and no record selected?
if (!$selected_id) {
$templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-success" id="insert" name="insert_x" value="1" onclick="return categories_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save New'] . '</button>', $templateCode);
}
$templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="insert" name="insert_x" value="1" onclick="return categories_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save As Copy'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode);
}
// 'Back' button action
if ($_REQUEST['Embedded']) {
$backAction = 'window.parent.jQuery(\'.modal\').modal(\'hide\'); return false;';
} else {
$backAction = '$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;';
}
if ($selected_id) {
if (!$_REQUEST['Embedded']) {
$templateCode = str_replace('<%%DVPRINT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="dvprint" name="dvprint_x" value="1" onclick="$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . '</button>', $templateCode);
}
if ($AllowUpdate) {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<button type="submit" class="btn btn-success btn-lg" id="update" name="update_x" value="1" onclick="return categories_validateData();"><i class="glyphicon glyphicon-ok"></i> ' . $Translation['Save Changes'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
}
if ($arrPerm[4] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[4] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[4] == 3) {
// allow delete?
$templateCode = str_replace('<%%DELETE_BUTTON%%>', '<button type="submit" class="btn btn-danger" id="delete" name="delete_x" value="1" onclick="return confirm(\'' . $Translation['are you sure?'] . '\');"><i class="glyphicon glyphicon-trash"></i> ' . $Translation['Delete'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
}
$templateCode = str_replace('<%%DESELECT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
$templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
$templateCode = str_replace('<%%DESELECT_BUTTON%%>', $ShowCancel ? '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>' : '', $templateCode);
}
// set records to read only if user can't insert new records and can't edit current record
if ($selected_id && !$AllowUpdate || !$selected_id && !$AllowInsert) {
$jsReadOnly .= "\tjQuery('#Picture').replaceWith('<div class=\"form-control-static\" id=\"Picture\">' + (jQuery('#Picture').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#CategoryName').replaceWith('<div class=\"form-control-static\" id=\"CategoryName\">' + (jQuery('#CategoryName').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('.select2-container').hide();\n";
$noUploads = true;
} elseif ($AllowInsert && !$selected_id || $AllowUpdate && $selected_id) {
$jsEditable .= "\tjQuery('form').eq(0).data('already_changed', true);";
// temporarily disable form change handler
$jsEditable .= "\tjQuery('form').eq(0).data('already_changed', false);";
// re-enable form change handler
}
// process combos
/* lookup fields array: 'lookup field name' => array('parent table name', 'lookup field caption') */
$lookup_fields = array();
foreach ($lookup_fields as $luf => $ptfc) {
$pt_perm = getTablePermissions($ptfc[0]);
// process foreign key links
if ($pt_perm['view'] || $pt_perm['edit']) {
$templateCode = str_replace("<%%PLINK({$luf})%%>", '<button type="button" class="btn btn-default view_parent hspacer-lg" id="' . $ptfc[0] . '_view_parent" title="' . htmlspecialchars($Translation['View'] . ' ' . $ptfc[1], ENT_QUOTES, 'iso-8859-1') . '"><i class="glyphicon glyphicon-eye-open"></i></button>', $templateCode);
}
// if user has insert permission to parent table of a lookup field, put an add new button
if ($pt_perm['insert'] && !$_REQUEST['Embedded']) {
$templateCode = str_replace("<%%ADDNEW({$ptfc[0]})%%>", '<button type="button" class="btn btn-success add_new_parent" id="' . $ptfc[0] . '_add_new" title="' . htmlspecialchars($Translation['Add New'] . ' ' . $ptfc[1], ENT_QUOTES, 'iso-8859-1') . '"><i class="glyphicon glyphicon-plus-sign"></i></button>', $templateCode);
}
}
// process images
$templateCode = str_replace('<%%UPLOADFILE(CategoryID)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(Picture)%%>', $noUploads ? '' : '<input type=hidden name=MAX_FILE_SIZE value=204800>' . $Translation['upload image'] . ' <input type="file" name="Picture" id="Picture">', $templateCode);
if ($AllowUpdate && $row['Picture'] != '') {
$templateCode = str_replace('<%%REMOVEFILE(Picture)%%>', '<br><input type="checkbox" name="Picture_remove" id="Picture_remove" value="1"> <label for="Picture_remove" style="color: red; font-weight: bold;">' . $Translation['remove image'] . '</label>', $templateCode);
} else {
$templateCode = str_replace('<%%REMOVEFILE(Picture)%%>', '', $templateCode);
}
$templateCode = str_replace('<%%UPLOADFILE(CategoryName)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(Description)%%>', '', $templateCode);
// process values
if ($selected_id) {
$templateCode = str_replace('<%%VALUE(CategoryID)%%>', htmlspecialchars($row['CategoryID'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(CategoryID)%%>', urlencode($urow['CategoryID']), $templateCode);
$row['Picture'] = $row['Picture'] != '' ? $row['Picture'] : 'blank.gif';
$templateCode = str_replace('<%%VALUE(Picture)%%>', htmlspecialchars($row['Picture'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(Picture)%%>', urlencode($urow['Picture']), $templateCode);
$templateCode = str_replace('<%%VALUE(CategoryName)%%>', htmlspecialchars($row['CategoryName'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(CategoryName)%%>', urlencode($urow['CategoryName']), $templateCode);
if ($AllowUpdate || $AllowInsert) {
$templateCode = str_replace('<%%HTMLAREA(Description)%%>', '<textarea name="Description" id="Description" rows="5">' . htmlspecialchars($row['Description'], ENT_QUOTES, 'iso-8859-1') . '</textarea>', $templateCode);
} else {
$templateCode = str_replace('<%%HTMLAREA(Description)%%>', $row['Description'], $templateCode);
}
$templateCode = str_replace('<%%VALUE(Description)%%>', nl2br($row['Description']), $templateCode);
$templateCode = str_replace('<%%URLVALUE(Description)%%>', urlencode($urow['Description']), $templateCode);
} else {
$templateCode = str_replace('<%%VALUE(CategoryID)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(CategoryID)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(Picture)%%>', 'blank.gif', $templateCode);
$templateCode = str_replace('<%%VALUE(CategoryName)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(CategoryName)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%HTMLAREA(Description)%%>', '<textarea name="Description" id="Description" rows="5"></textarea>', $templateCode);
}
// process translations
foreach ($Translation as $symbol => $trans) {
$templateCode = str_replace("<%%TRANSLATION({$symbol})%%>", $trans, $templateCode);
}
// clear scrap
$templateCode = str_replace('<%%', '<!-- ', $templateCode);
$templateCode = str_replace('%%>', ' -->', $templateCode);
// hide links to inaccessible tables
if ($_POST['dvprint_x'] == '') {
$templateCode .= "\n\n<script>\$j(function(){\n";
$arrTables = getTableList();
foreach ($arrTables as $name => $caption) {
$templateCode .= "\t\$j('#{$name}_link').removeClass('hidden');\n";
$templateCode .= "\t\$j('#xs_{$name}_link').removeClass('hidden');\n";
}
$templateCode .= $jsReadOnly;
$templateCode .= $jsEditable;
if (!$selected_id) {
}
$templateCode .= "\n});</script>\n";
}
// ajaxed auto-fill fields
$templateCode .= '<script>';
$templateCode .= '$j(function() {';
$templateCode .= "});";
$templateCode .= "</script>";
$templateCode .= $lookups;
// handle enforced parent values for read-only lookup fields
// don't include blank images in lightbox gallery
$templateCode = preg_replace('/blank.gif" rel="lightbox\\[.*?\\]"/', 'blank.gif"', $templateCode);
// don't display empty email links
$templateCode = preg_replace('/<a .*?href="mailto:".*?<\\/a>/', '', $templateCode);
// hook: categories_dv
if (function_exists('categories_dv')) {
$args = array();
categories_dv($selected_id ? $selected_id : FALSE, getMemberInfo(), $templateCode, $args);
}
return $templateCode;
}
<?php
// This script and data application were generated by AppGini 5.23
// Download AppGini for free from http://bigprof.com/appgini/download/
$currDir = dirname(__FILE__);
include "{$currDir}/defaultLang.php";
include "{$currDir}/language.php";
include "{$currDir}/lib.php";
@(include "{$currDir}/hooks/reports.php");
include "{$currDir}/reports_dml.php";
// mm: can the current member access this page?
$perm = getTablePermissions('reports');
if (!$perm[0]) {
echo error_message($Translation['tableAccessDenied'], false);
echo '<script>setTimeout("window.location=\'index.php?signOut=1\'", 2000);</script>';
exit;
}
$x = new DataList();
$x->TableName = "reports";
// Fields that can be displayed in the table view
$x->QueryFieldsTV = array("`reports`.`report_id`" => "report_id", "if(`reports`.`start_date`,date_format(`reports`.`start_date`,'%d/%m/%Y'),'')" => "start_date", "if(`reports`.`end_date`,date_format(`reports`.`end_date`,'%d/%m/%Y'),'')" => "end_date", "IF( CHAR_LENGTH(`companies1`.`name`) || CHAR_LENGTH(`clients1`.`name`), CONCAT_WS('', `companies1`.`name`, ' - ', `clients1`.`name`), '') /* Company */" => "company", "if(`reports`.`created`,date_format(`reports`.`created`,'%d/%m/%Y'),'')" => "created", "`reports`.`created_by`" => "created_by", "`reports`.`average_score`" => "average_score");
// mapping incoming sort by requests to actual query fields
$x->SortFields = array(1 => '`reports`.`report_id`', 2 => '`reports`.`start_date`', 3 => '`reports`.`end_date`', 4 => 4, 5 => '`reports`.`created`', 6 => 6, 7 => '`reports`.`average_score`');
// Fields that can be displayed in the csv file
$x->QueryFieldsCSV = array("`reports`.`report_id`" => "report_id", "if(`reports`.`start_date`,date_format(`reports`.`start_date`,'%d/%m/%Y'),'')" => "start_date", "if(`reports`.`end_date`,date_format(`reports`.`end_date`,'%d/%m/%Y'),'')" => "end_date", "IF( CHAR_LENGTH(`companies1`.`name`) || CHAR_LENGTH(`clients1`.`name`), CONCAT_WS('', `companies1`.`name`, ' - ', `clients1`.`name`), '') /* Company */" => "company", "if(`reports`.`created`,date_format(`reports`.`created`,'%d/%m/%Y'),'')" => "created", "`reports`.`created_by`" => "created_by", "`reports`.`average_score`" => "average_score");
// Fields that can be filtered
$x->QueryFieldsFilters = array("`reports`.`report_id`" => "ID", "`reports`.`start_date`" => "Report start date", "`reports`.`end_date`" => "Report end date", "IF( CHAR_LENGTH(`companies1`.`name`) || CHAR_LENGTH(`clients1`.`name`), CONCAT_WS('', `companies1`.`name`, ' - ', `clients1`.`name`), '') /* Company */" => "Company", "`reports`.`created`" => "Created", "`reports`.`created_by`" => "Created by", "`reports`.`average_score`" => "Average score");
// Fields that can be quick searched
$x->QueryFieldsQS = array("`reports`.`report_id`" => "report_id", "if(`reports`.`start_date`,date_format(`reports`.`start_date`,'%d/%m/%Y'),'')" => "start_date", "if(`reports`.`end_date`,date_format(`reports`.`end_date`,'%d/%m/%Y'),'')" => "end_date", "IF( CHAR_LENGTH(`companies1`.`name`) || CHAR_LENGTH(`clients1`.`name`), CONCAT_WS('', `companies1`.`name`, ' - ', `clients1`.`name`), '') /* Company */" => "company", "if(`reports`.`created`,date_format(`reports`.`created`,'%d/%m/%Y'),'')" => "created", "`reports`.`created_by`" => "created_by", "`reports`.`average_score`" => "average_score");
// Lookup fields that can be used as filterers
$x->filterers = array('company' => 'Company');
<?php
// This script and data application were generated by AppGini 5.23
// Download AppGini for free from http://bigprof.com/appgini/download/
$currDir = dirname(__FILE__);
include "{$currDir}/defaultLang.php";
include "{$currDir}/language.php";
include "{$currDir}/lib.php";
@(include "{$currDir}/hooks/sic.php");
include "{$currDir}/sic_dml.php";
// mm: can the current member access this page?
$perm = getTablePermissions('sic');
if (!$perm[0]) {
echo error_message($Translation['tableAccessDenied'], false);
echo '<script>setTimeout("window.location=\'index.php?signOut=1\'", 2000);</script>';
exit;
}
$x = new DataList();
$x->TableName = "sic";
// Fields that can be displayed in the table view
$x->QueryFieldsTV = array("`sic`.`sic_id`" => "sic_id", "`sic`.`code`" => "code", "`sic`.`activity`" => "activity");
// mapping incoming sort by requests to actual query fields
$x->SortFields = array(1 => '`sic`.`sic_id`', 2 => '`sic`.`code`', 3 => 3);
// Fields that can be displayed in the csv file
$x->QueryFieldsCSV = array("`sic`.`sic_id`" => "sic_id", "`sic`.`code`" => "code", "`sic`.`activity`" => "activity");
// Fields that can be filtered
$x->QueryFieldsFilters = array("`sic`.`sic_id`" => "ID", "`sic`.`code`" => "Code", "`sic`.`activity`" => "Activity");
// Fields that can be quick searched
$x->QueryFieldsQS = array("`sic`.`sic_id`" => "sic_id", "`sic`.`code`" => "code", "`sic`.`activity`" => "activity");
// Lookup fields that can be used as filterers
$x->filterers = array();
function residence_and_rental_history_form($selected_id = '', $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0)
{
// function to return an editable form for a table records
// and fill it with data of record whose ID is $selected_id. If $selected_id
// is empty, an empty form is shown, with only an 'Add New'
// button displayed.
global $Translation;
// mm: get table permissions
$arrPerm = getTablePermissions('residence_and_rental_history');
if (!$arrPerm[1] && $selected_id == '') {
return '';
}
$AllowInsert = $arrPerm[1] ? true : false;
// print preview?
$dvprint = false;
if ($selected_id && $_REQUEST['dvprint_x'] != '') {
$dvprint = true;
}
$filterer_tenant = thisOr(undo_magic_quotes($_REQUEST['filterer_tenant']), '');
// populate filterers, starting from children to grand-parents
// unique random identifier
$rnd1 = $dvprint ? rand(1000000, 9999999) : '';
// combobox: tenant
$combo_tenant = new DataCombo();
// combobox: duration_of_residency_from
$combo_duration_of_residency_from = new DateCombo();
$combo_duration_of_residency_from->DateFormat = "mdy";
$combo_duration_of_residency_from->MinYear = 1900;
$combo_duration_of_residency_from->MaxYear = 2100;
$combo_duration_of_residency_from->DefaultDate = parseMySQLDate('', '');
$combo_duration_of_residency_from->MonthNames = $Translation['month names'];
$combo_duration_of_residency_from->NamePrefix = 'duration_of_residency_from';
// combobox: to
$combo_to = new DateCombo();
$combo_to->DateFormat = "mdy";
$combo_to->MinYear = 1900;
$combo_to->MaxYear = 2100;
$combo_to->DefaultDate = parseMySQLDate('', '');
$combo_to->MonthNames = $Translation['month names'];
$combo_to->NamePrefix = 'to';
if ($selected_id) {
// mm: check member permissions
if (!$arrPerm[2]) {
return "";
}
// mm: who is the owner?
$ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='residence_and_rental_history' and pkValue='" . makeSafe($selected_id) . "'");
$ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='residence_and_rental_history' and pkValue='" . makeSafe($selected_id) . "'");
if ($arrPerm[2] == 1 && getLoggedMemberID() != $ownerMemberID) {
return "";
}
if ($arrPerm[2] == 2 && getLoggedGroupID() != $ownerGroupID) {
return "";
}
// can edit?
if ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[3] == 3) {
$AllowUpdate = 1;
} else {
$AllowUpdate = 0;
}
$res = sql("select * from `residence_and_rental_history` where `id`='" . makeSafe($selected_id) . "'", $eo);
if (!($row = db_fetch_array($res))) {
return error_message($Translation['No records found']);
}
$urow = $row;
/* unsanitized data */
$hc = new CI_Input();
$row = $hc->xss_clean($row);
/* sanitize data */
$combo_tenant->SelectedData = $row['tenant'];
$combo_duration_of_residency_from->DefaultDate = $row['duration_of_residency_from'];
$combo_to->DefaultDate = $row['to'];
} else {
$combo_tenant->SelectedData = $filterer_tenant;
}
$combo_tenant->HTML = '<span id="tenant-container' . $rnd1 . '"></span><input type="hidden" name="tenant" id="tenant' . $rnd1 . '">';
$combo_tenant->MatchText = '<span id="tenant-container-readonly' . $rnd1 . '"></span><input type="hidden" name="tenant" id="tenant' . $rnd1 . '">';
ob_start();
?>
<script>
// initial lookup values
var current_tenant__RAND__ = { text: "", value: "<?php
echo addslashes($selected_id ? $urow['tenant'] : $filterer_tenant);
?>
"};
jQuery(function() {
tenant_reload__RAND__();
});
function tenant_reload__RAND__(){
<?php
if (($AllowUpdate || $AllowInsert) && !$dvprint) {
?>
jQuery("#tenant-container__RAND__").select2({
/* initial default value */
initSelection: function(e, c){
jQuery.ajax({
url: 'ajax_combo.php',
dataType: 'json',
data: { id: current_tenant__RAND__.value, t: 'residence_and_rental_history', f: 'tenant' }
}).done(function(resp){
c({
id: resp.results[0].id,
text: resp.results[0].text
});
jQuery('[name="tenant"]').val(resp.results[0].id);
jQuery('[id=tenant-container-readonly__RAND__]').html('<span id="tenant-match-text">' + resp.results[0].text + '</span>');
if(typeof(tenant_update_autofills__RAND__) == 'function') tenant_update_autofills__RAND__();
});
},
width: '100%',
formatNoMatches: function(term){ return '<?php
echo addslashes($Translation['No matches found!']);
?>
'; },
minimumResultsForSearch: 10,
loadMorePadding: 200,
ajax: {
url: 'ajax_combo.php',
dataType: 'json',
cache: true,
data: function(term, page){ return { s: term, p: page, t: 'residence_and_rental_history', f: 'tenant' }; },
results: function(resp, page){ return resp; }
}
}).on('change', function(e){
current_tenant__RAND__.value = e.added.id;
current_tenant__RAND__.text = e.added.text;
jQuery('[name="tenant"]').val(e.added.id);
if(typeof(tenant_update_autofills__RAND__) == 'function') tenant_update_autofills__RAND__();
});
<?php
} else {
?>
jQuery.ajax({
url: 'ajax_combo.php',
dataType: 'json',
data: { id: current_tenant__RAND__.value, t: 'residence_and_rental_history', f: 'tenant' }
}).done(function(resp){
jQuery('[id=tenant-container__RAND__], [id=tenant-container-readonly__RAND__]').html('<span id="tenant-match-text">' + resp.results[0].text + '</span>');
if(typeof(tenant_update_autofills__RAND__) == 'function') tenant_update_autofills__RAND__();
});
<?php
}
?>
}
</script>
<?php
$lookups = str_replace('__RAND__', $rnd1, ob_get_contents());
ob_end_clean();
// code for template based detail view forms
// open the detail view template
if ($dvprint) {
$templateCode = @file_get_contents('./templates/residence_and_rental_history_templateDVP.html');
} else {
$templateCode = @file_get_contents('./templates/residence_and_rental_history_templateDV.html');
}
// process form title
$templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Residence and rental history details', $templateCode);
$templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode);
$templateCode = str_replace('<%%EMBEDDED%%>', $_REQUEST['Embedded'] ? 'Embedded=1' : '', $templateCode);
// process buttons
if ($AllowInsert) {
if (!$selected_id) {
$templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-success" id="insert" name="insert_x" value="1" onclick="return residence_and_rental_history_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save New'] . '</button>', $templateCode);
}
$templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="insert" name="insert_x" value="1" onclick="return residence_and_rental_history_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save As Copy'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode);
}
// 'Back' button action
if ($_REQUEST['Embedded']) {
$backAction = 'window.parent.jQuery(\'.modal\').modal(\'hide\'); return false;';
} else {
$backAction = '$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;';
}
if ($selected_id) {
if (!$_REQUEST['Embedded']) {
$templateCode = str_replace('<%%DVPRINT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="dvprint" name="dvprint_x" value="1" onclick="$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . '</button>', $templateCode);
}
if ($AllowUpdate) {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<button type="submit" class="btn btn-success btn-lg" id="update" name="update_x" value="1" onclick="return residence_and_rental_history_validateData();"><i class="glyphicon glyphicon-ok"></i> ' . $Translation['Save Changes'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
}
if ($arrPerm[4] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[4] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[4] == 3) {
// allow delete?
$templateCode = str_replace('<%%DELETE_BUTTON%%>', '<button type="submit" class="btn btn-danger" id="delete" name="delete_x" value="1" onclick="return confirm(\'' . $Translation['are you sure?'] . '\');"><i class="glyphicon glyphicon-trash"></i> ' . $Translation['Delete'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
}
$templateCode = str_replace('<%%DESELECT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
$templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
$templateCode = str_replace('<%%DESELECT_BUTTON%%>', $ShowCancel ? '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>' : '', $templateCode);
}
// set records to read only if user can't insert new records and can't edit current record
if ($selected_id && !$AllowUpdate && !$AllowInsert || !$selected_id && !$AllowInsert) {
$jsReadOnly .= "\tjQuery('#tenant').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n";
$jsReadOnly .= "\tjQuery('#tenant_caption').prop('disabled', true).css({ color: '#555', backgroundColor: 'white' });\n";
$jsReadOnly .= "\tjQuery('#address').replaceWith('<p class=\"form-control-static\" id=\"address\">' + (jQuery('#address').val() || '') + '</p>');\n";
$jsReadOnly .= "\tjQuery('#landlord_or_manager_name').replaceWith('<p class=\"form-control-static\" id=\"landlord_or_manager_name\">' + (jQuery('#landlord_or_manager_name').val() || '') + '</p>');\n";
$jsReadOnly .= "\tjQuery('#landlord_or_manager_phone').replaceWith('<p class=\"form-control-static\" id=\"landlord_or_manager_phone\">' + (jQuery('#landlord_or_manager_phone').val() || '') + '</p>');\n";
$jsReadOnly .= "\tjQuery('#monthly_rent').replaceWith('<p class=\"form-control-static\" id=\"monthly_rent\">' + (jQuery('#monthly_rent').val() || '') + '</p>');\n";
$jsReadOnly .= "\tjQuery('#duration_of_residency_from').prop('readonly', true);\n";
$jsReadOnly .= "\tjQuery('#duration_of_residency_fromDay, #duration_of_residency_fromMonth, #duration_of_residency_fromYear').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n";
$jsReadOnly .= "\tjQuery('#to').prop('readonly', true);\n";
$jsReadOnly .= "\tjQuery('#toDay, #toMonth, #toYear').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n";
$jsReadOnly .= "\tjQuery('#reason_for_leaving').replaceWith('<p class=\"form-control-static\" id=\"reason_for_leaving\">' + (jQuery('#reason_for_leaving').val() || '') + '</p>');\n";
$noUploads = true;
} elseif ($AllowInsert) {
$jsEditable .= "\tjQuery('form').eq(0).data('already_changed', true);";
// temporarily disable form change handler
$jsEditable .= "\tjQuery('form').eq(0).data('already_changed', false);";
// re-enable form change handler
}
// process combos
$templateCode = str_replace('<%%COMBO(tenant)%%>', $combo_tenant->HTML, $templateCode);
$templateCode = str_replace('<%%COMBOTEXT(tenant)%%>', $combo_tenant->MatchText, $templateCode);
$templateCode = str_replace('<%%URLCOMBOTEXT(tenant)%%>', urlencode($combo_tenant->MatchText), $templateCode);
$templateCode = str_replace('<%%COMBO(duration_of_residency_from)%%>', $selected_id && !$arrPerm[3] ? '<p class="form-control-static">' . $combo_duration_of_residency_from->GetHTML(true) . '</p>' : $combo_duration_of_residency_from->GetHTML(), $templateCode);
$templateCode = str_replace('<%%COMBOTEXT(duration_of_residency_from)%%>', $combo_duration_of_residency_from->GetHTML(true), $templateCode);
$templateCode = str_replace('<%%COMBO(to)%%>', $selected_id && !$arrPerm[3] ? '<p class="form-control-static">' . $combo_to->GetHTML(true) . '</p>' : $combo_to->GetHTML(), $templateCode);
$templateCode = str_replace('<%%COMBOTEXT(to)%%>', $combo_to->GetHTML(true), $templateCode);
// process foreign key links
if ($selected_id) {
$templateCode = str_replace('<%%PLINK(tenant)%%>', $combo_tenant->SelectedData ? "<span id=\"applicants_and_tenants_plink1\" class=\"hidden\"><a class=\"btn btn-default\" href=\"applicants_and_tenants_view.php?SelectedID=" . urlencode($combo_tenant->SelectedData) . "\"><i class=\"glyphicon glyphicon-search\"></i></a></span>" : '', $templateCode);
}
// process images
$templateCode = str_replace('<%%UPLOADFILE(id)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(tenant)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(address)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(landlord_or_manager_name)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(landlord_or_manager_phone)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(monthly_rent)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(duration_of_residency_from)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(to)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(reason_for_leaving)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(notes)%%>', '', $templateCode);
// process values
if ($selected_id) {
$templateCode = str_replace('<%%VALUE(id)%%>', htmlspecialchars($row['id'], ENT_QUOTES), $templateCode);
$templateCode = str_replace('<%%URLVALUE(id)%%>', urlencode($urow['id']), $templateCode);
$templateCode = str_replace('<%%VALUE(tenant)%%>', htmlspecialchars($row['tenant'], ENT_QUOTES), $templateCode);
$templateCode = str_replace('<%%URLVALUE(tenant)%%>', urlencode($urow['tenant']), $templateCode);
$templateCode = str_replace('<%%VALUE(address)%%>', htmlspecialchars($row['address'], ENT_QUOTES), $templateCode);
$templateCode = str_replace('<%%URLVALUE(address)%%>', urlencode($urow['address']), $templateCode);
$templateCode = str_replace('<%%VALUE(landlord_or_manager_name)%%>', htmlspecialchars($row['landlord_or_manager_name'], ENT_QUOTES), $templateCode);
$templateCode = str_replace('<%%URLVALUE(landlord_or_manager_name)%%>', urlencode($urow['landlord_or_manager_name']), $templateCode);
$templateCode = str_replace('<%%VALUE(landlord_or_manager_phone)%%>', htmlspecialchars($row['landlord_or_manager_phone'], ENT_QUOTES), $templateCode);
$templateCode = str_replace('<%%URLVALUE(landlord_or_manager_phone)%%>', urlencode($urow['landlord_or_manager_phone']), $templateCode);
$templateCode = str_replace('<%%VALUE(monthly_rent)%%>', htmlspecialchars($row['monthly_rent'], ENT_QUOTES), $templateCode);
$templateCode = str_replace('<%%URLVALUE(monthly_rent)%%>', urlencode($urow['monthly_rent']), $templateCode);
$templateCode = str_replace('<%%VALUE(duration_of_residency_from)%%>', @date('m/d/Y', @strtotime(htmlspecialchars($row['duration_of_residency_from'], ENT_QUOTES))), $templateCode);
$templateCode = str_replace('<%%URLVALUE(duration_of_residency_from)%%>', urlencode(@date('m/d/Y', @strtotime(htmlspecialchars($urow['duration_of_residency_from'], ENT_QUOTES)))), $templateCode);
$templateCode = str_replace('<%%VALUE(to)%%>', @date('m/d/Y', @strtotime(htmlspecialchars($row['to'], ENT_QUOTES))), $templateCode);
$templateCode = str_replace('<%%URLVALUE(to)%%>', urlencode(@date('m/d/Y', @strtotime(htmlspecialchars($urow['to'], ENT_QUOTES)))), $templateCode);
$templateCode = str_replace('<%%VALUE(reason_for_leaving)%%>', htmlspecialchars($row['reason_for_leaving'], ENT_QUOTES), $templateCode);
$templateCode = str_replace('<%%URLVALUE(reason_for_leaving)%%>', urlencode($urow['reason_for_leaving']), $templateCode);
if ($AllowUpdate || $AllowInsert) {
$templateCode = str_replace('<%%HTMLAREA(notes)%%>', '<textarea name="notes" id="notes" rows="5">' . htmlspecialchars($row['notes'], ENT_QUOTES) . '</textarea>', $templateCode);
} else {
$templateCode = str_replace('<%%HTMLAREA(notes)%%>', $row['notes'], $templateCode);
}
$templateCode = str_replace('<%%VALUE(notes)%%>', nl2br($row['notes']), $templateCode);
$templateCode = str_replace('<%%URLVALUE(notes)%%>', urlencode($urow['notes']), $templateCode);
} else {
$templateCode = str_replace('<%%VALUE(id)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(id)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(tenant)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(tenant)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(address)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(address)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(landlord_or_manager_name)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(landlord_or_manager_name)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(landlord_or_manager_phone)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(landlord_or_manager_phone)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(monthly_rent)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(monthly_rent)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(duration_of_residency_from)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(duration_of_residency_from)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(to)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(to)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(reason_for_leaving)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(reason_for_leaving)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%HTMLAREA(notes)%%>', '<textarea name="notes" id="notes" rows="5"></textarea>', $templateCode);
}
// process translations
foreach ($Translation as $symbol => $trans) {
$templateCode = str_replace("<%%TRANSLATION({$symbol})%%>", $trans, $templateCode);
}
// clear scrap
$templateCode = str_replace('<%%', '<!-- ', $templateCode);
$templateCode = str_replace('%%>', ' -->', $templateCode);
// hide links to inaccessible tables
if ($_POST['dvprint_x'] == '') {
$templateCode .= "\n\n<script>\$j(function(){\n";
$arrTables = getTableList();
foreach ($arrTables as $name => $caption) {
$templateCode .= "\t\$j('#{$name}_link').removeClass('hidden');\n";
$templateCode .= "\t\$j('#xs_{$name}_link').removeClass('hidden');\n";
$templateCode .= "\t\$j('[id^=\"{$name}_plink\"]').removeClass('hidden');\n";
}
$templateCode .= $jsReadOnly;
$templateCode .= $jsEditable;
if (!$selected_id) {
}
$templateCode .= "\n});</script>\n";
}
// ajaxed auto-fill fields
$templateCode .= '<script>';
$templateCode .= '$j(function() {';
$templateCode .= "});";
$templateCode .= "</script>";
$templateCode .= $lookups;
// handle enforced parent values for read-only lookup fields
// don't include blank images in lightbox gallery
$templateCode = preg_replace('/blank.gif" rel="lightbox\\[.*?\\]"/', 'blank.gif"', $templateCode);
// don't display empty email links
$templateCode = preg_replace('/<a .*?href="mailto:".*?<\\/a>/', '', $templateCode);
// hook: residence_and_rental_history_dv
if (function_exists('residence_and_rental_history_dv')) {
$args = array();
residence_and_rental_history_dv($selected_id ? $selected_id : FALSE, getMemberInfo(), $templateCode, $args);
}
return $templateCode;
}
function customers_form($selected_id = '', $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0)
{
// function to return an editable form for a table records
// and fill it with data of record whose ID is $selected_id. If $selected_id
// is empty, an empty form is shown, with only an 'Add New'
// button displayed.
global $Translation;
// mm: get table permissions
$arrPerm = getTablePermissions('customers');
if (!$arrPerm[1] && $selected_id == '') {
return '';
}
$AllowInsert = $arrPerm[1] ? true : false;
// print preview?
$dvprint = false;
if ($selected_id && $_REQUEST['dvprint_x'] != '') {
$dvprint = true;
}
// populate filterers, starting from children to grand-parents
// unique random identifier
$rnd1 = $dvprint ? rand(1000000, 9999999) : '';
// combobox: Country
$combo_Country = new Combo();
$combo_Country->ListType = 0;
$combo_Country->MultipleSeparator = ', ';
$combo_Country->ListBoxHeight = 10;
$combo_Country->RadiosPerLine = 1;
if (is_file(dirname(__FILE__) . '/hooks/customers.Country.csv')) {
$Country_data = addslashes(implode('', @file(dirname(__FILE__) . '/hooks/customers.Country.csv')));
$combo_Country->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($Country_data)));
$combo_Country->ListData = $combo_Country->ListItem;
} else {
$combo_Country->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions("Afghanistan;;Albania;;Algeria;;American Samoa;;Andorra;;Angola;;Anguilla;;Antarctica;;Antigua, Barbuda;;Argentina;;Armenia;;Aruba;;Australia;;Austria;;Azerbaijan;;Bahamas;;Bahrain;;Bangladesh;;Barbados;;Belarus;;Belgium;;Belize;;Benin;;Bermuda;;Bhutan;;Bolivia;;Bosnia, Herzegovina;;Botswana;;Bouvet Is.;;Brazil;;Brunei Darussalam;;Bulgaria;;Burkina Faso;;Burundi;;Cambodia;;Cameroon;;Canada;;Canary Is.;;Cape Verde;;Cayman Is.;;Central African Rep.;;Chad;;Channel Islands;;Chile;;China;;Christmas Is.;;Cocos Is.;;Colombia;;Comoros;;Congo, D.R. Of;;Congo;;Cook Is.;;Costa Rica;;Croatia;;Cuba;;Cyprus;;Czech Republic;;Denmark;;Djibouti;;Dominica;;Dominican Republic;;Ecuador;;Egypt;;El Salvador;;Equatorial Guinea;;Eritrea;;Estonia;;Ethiopia;;Falkland Is.;;Faroe Is.;;Fiji;;Finland;;France;;French Guiana;;French Polynesia;;French Territories;;Gabon;;Gambia;;Georgia;;Germany;;Ghana;;Gibraltar;;Greece;;Greenland;;Grenada;;Guadeloupe;;Guam;;Guatemala;;Guernsey;;Guinea-bissau;;Guinea;;Guyana;;Haiti;;Heard, Mcdonald Is.;;Honduras;;Hong Kong;;Hungary;;Iceland;;India;;Indonesia;;Iran;;Iraq;;Ireland;;Israel;;Italy;;Ivory Coast;;Jamaica;;Japan;;Jersey;;Jordan;;Kazakhstan;;Kenya;;Kiribati;;Korea, D.P.R Of;;Korea, Rep. Of;;Kuwait;;Kyrgyzstan;;Lao Peoples D.R.;;Latvia;;Lebanon;;Lesotho;;Liberia;;Libyan Arab Jamahiriya;;Liechtenstein;;Lithuania;;Luxembourg;;Macao;;Macedonia, F.Y.R Of;;Madagascar;;Malawi;;Malaysia;;Maldives;;Mali;;Malta;;Mariana Islands;;Marshall Islands;;Martinique;;Mauritania;;Mauritius;;Mayotte;;Mexico;;Micronesia;;Moldova;;Monaco;;Mongolia;;Montserrat;;Morocco;;Mozambique;;Myanmar;;Namibia;;Nauru;;Nepal;;Netherlands Antilles;;Netherlands;;New Caledonia;;New Zealand;;Nicaragua;;Niger;;Nigeria;;Niue;;Norfolk Island;;Norway;;Oman;;Pakistan;;Palau;;Palestinian Terr.;;Panama;;Papua New Guinea;;Paraguay;;Peru;;Philippines;;Pitcairn;;Poland;;Portugal;;Puerto Rico;;Qatar;;Reunion;;Romania;;Russian Federation;;Rwanda;;Samoa;;San Marino;;Sao Tome, Principe;;Saudi Arabia;;Senegal;;Seychelles;;Sierra Leone;;Singapore;;Slovakia;;Slovenia;;Solomon Is.;;Somalia;;South Africa;;South Georgia;;South Sandwich Is.;;Spain;;Sri Lanka;;St. Helena;;St. Kitts, Nevis;;St. Lucia;;St. Pierre, Miquelon;;St. Vincent, Grenadines;;Sudan;;Suriname;;Svalbard, Jan Mayen;;Swaziland;;Sweden;;Switzerland;;Syrian Arab Republic;;Taiwan;;Tajikistan;;Tanzania;;Thailand;;Timor-leste;;Togo;;Tokelau;;Tonga;;Trinidad, Tobago;;Tunisia;;Turkey;;Turkmenistan;;Turks, Caicoss;;Tuvalu;;Uganda;;Ukraine;;United Arab Emirates;;United Kingdom;;United States;;Uruguay;;Uzbekistan;;Vanuatu;;Vatican City;;Venezuela;;Viet Nam;;Virgin Is. British;;Virgin Is. U.S.;;Wallis, Futuna;;Western Sahara;;Yemen;;Yugoslavia;;Zambia;;Zimbabwe")));
$combo_Country->ListData = $combo_Country->ListItem;
}
$combo_Country->SelectName = 'Country';
if ($selected_id) {
// mm: check member permissions
if (!$arrPerm[2]) {
return "";
}
// mm: who is the owner?
$ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='customers' and pkValue='" . makeSafe($selected_id) . "'");
$ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='customers' and pkValue='" . makeSafe($selected_id) . "'");
if ($arrPerm[2] == 1 && getLoggedMemberID() != $ownerMemberID) {
return "";
}
if ($arrPerm[2] == 2 && getLoggedGroupID() != $ownerGroupID) {
return "";
}
// can edit?
if ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[3] == 3) {
$AllowUpdate = 1;
} else {
$AllowUpdate = 0;
}
$res = sql("select * from `customers` where `CustomerID`='" . makeSafe($selected_id) . "'", $eo);
if (!($row = db_fetch_array($res))) {
return error_message($Translation['No records found']);
}
$urow = $row;
/* unsanitized data */
$hc = new CI_Input();
$row = $hc->xss_clean($row);
/* sanitize data */
$combo_Country->SelectedData = $row['Country'];
} else {
$combo_Country->SelectedText = $_REQUEST['FilterField'][1] == '9' && $_REQUEST['FilterOperator'][1] == '<=>' ? get_magic_quotes_gpc() ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1] : "";
}
$combo_Country->Render();
// code for template based detail view forms
// open the detail view template
if ($dvprint) {
$templateCode = @file_get_contents('./templates/customers_templateDVP.html');
} else {
$templateCode = @file_get_contents('./templates/customers_templateDV.html');
}
// process form title
$templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Detail View', $templateCode);
$templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode);
$templateCode = str_replace('<%%EMBEDDED%%>', $_REQUEST['Embedded'] ? 'Embedded=1' : '', $templateCode);
// process buttons
if ($arrPerm[1] && !$selected_id) {
// allow insert and no record selected?
if (!$selected_id) {
$templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-success" id="insert" name="insert_x" value="1" onclick="return customers_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save New'] . '</button>', $templateCode);
}
$templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="insert" name="insert_x" value="1" onclick="return customers_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save As Copy'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode);
}
// 'Back' button action
if ($_REQUEST['Embedded']) {
$backAction = 'window.parent.jQuery(\'.modal\').modal(\'hide\'); return false;';
} else {
$backAction = '$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;';
}
if ($selected_id) {
if (!$_REQUEST['Embedded']) {
$templateCode = str_replace('<%%DVPRINT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="dvprint" name="dvprint_x" value="1" onclick="$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . '</button>', $templateCode);
}
if ($AllowUpdate) {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<button type="submit" class="btn btn-success btn-lg" id="update" name="update_x" value="1" onclick="return customers_validateData();"><i class="glyphicon glyphicon-ok"></i> ' . $Translation['Save Changes'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
}
if ($arrPerm[4] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[4] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[4] == 3) {
// allow delete?
$templateCode = str_replace('<%%DELETE_BUTTON%%>', '<button type="submit" class="btn btn-danger" id="delete" name="delete_x" value="1" onclick="return confirm(\'' . $Translation['are you sure?'] . '\');"><i class="glyphicon glyphicon-trash"></i> ' . $Translation['Delete'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
}
$templateCode = str_replace('<%%DESELECT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
$templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
$templateCode = str_replace('<%%DESELECT_BUTTON%%>', $ShowCancel ? '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>' : '', $templateCode);
}
// set records to read only if user can't insert new records and can't edit current record
if ($selected_id && !$AllowUpdate || !$selected_id && !$AllowInsert) {
$jsReadOnly .= "\tjQuery('#CustomerID').replaceWith('<div class=\"form-control-static\" id=\"CustomerID\">' + (jQuery('#CustomerID').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#CompanyName').replaceWith('<div class=\"form-control-static\" id=\"CompanyName\">' + (jQuery('#CompanyName').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#ContactName').replaceWith('<div class=\"form-control-static\" id=\"ContactName\">' + (jQuery('#ContactName').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#ContactTitle').replaceWith('<div class=\"form-control-static\" id=\"ContactTitle\">' + (jQuery('#ContactTitle').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#Address').replaceWith('<div class=\"form-control-static\" id=\"Address\">' + (jQuery('#Address').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#City').replaceWith('<div class=\"form-control-static\" id=\"City\">' + (jQuery('#City').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#Region').replaceWith('<div class=\"form-control-static\" id=\"Region\">' + (jQuery('#Region').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#PostalCode').replaceWith('<div class=\"form-control-static\" id=\"PostalCode\">' + (jQuery('#PostalCode').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#Country').replaceWith('<div class=\"form-control-static\" id=\"Country\">' + (jQuery('#Country').val() || '') + '</div>'); jQuery('#Country-multi-selection-help').hide();\n";
$jsReadOnly .= "\tjQuery('#Phone').replaceWith('<div class=\"form-control-static\" id=\"Phone\">' + (jQuery('#Phone').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('#Fax').replaceWith('<div class=\"form-control-static\" id=\"Fax\">' + (jQuery('#Fax').val() || '') + '</div>');\n";
$jsReadOnly .= "\tjQuery('.select2-container').hide();\n";
$noUploads = true;
} elseif ($AllowInsert && !$selected_id || $AllowUpdate && $selected_id) {
$jsEditable .= "\tjQuery('form').eq(0).data('already_changed', true);";
// temporarily disable form change handler
$jsEditable .= "\tjQuery('form').eq(0).data('already_changed', false);";
// re-enable form change handler
}
// process combos
$templateCode = str_replace('<%%COMBO(Country)%%>', $combo_Country->HTML, $templateCode);
$templateCode = str_replace('<%%COMBOTEXT(Country)%%>', $combo_Country->SelectedData, $templateCode);
/* lookup fields array: 'lookup field name' => array('parent table name', 'lookup field caption') */
$lookup_fields = array();
foreach ($lookup_fields as $luf => $ptfc) {
$pt_perm = getTablePermissions($ptfc[0]);
// process foreign key links
if ($pt_perm['view'] || $pt_perm['edit']) {
$templateCode = str_replace("<%%PLINK({$luf})%%>", '<button type="button" class="btn btn-default view_parent hspacer-lg" id="' . $ptfc[0] . '_view_parent" title="' . htmlspecialchars($Translation['View'] . ' ' . $ptfc[1], ENT_QUOTES, 'iso-8859-1') . '"><i class="glyphicon glyphicon-eye-open"></i></button>', $templateCode);
}
// if user has insert permission to parent table of a lookup field, put an add new button
if ($pt_perm['insert'] && !$_REQUEST['Embedded']) {
$templateCode = str_replace("<%%ADDNEW({$ptfc[0]})%%>", '<button type="button" class="btn btn-success add_new_parent" id="' . $ptfc[0] . '_add_new" title="' . htmlspecialchars($Translation['Add New'] . ' ' . $ptfc[1], ENT_QUOTES, 'iso-8859-1') . '"><i class="glyphicon glyphicon-plus-sign"></i></button>', $templateCode);
}
}
// process images
$templateCode = str_replace('<%%UPLOADFILE(CustomerID)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(CompanyName)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(ContactName)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(ContactTitle)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(Address)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(City)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(Region)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(PostalCode)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(Country)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(Phone)%%>', '', $templateCode);
$templateCode = str_replace('<%%UPLOADFILE(Fax)%%>', '', $templateCode);
// process values
if ($selected_id) {
$templateCode = str_replace('<%%VALUE(CustomerID)%%>', htmlspecialchars($row['CustomerID'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(CustomerID)%%>', urlencode($urow['CustomerID']), $templateCode);
$templateCode = str_replace('<%%VALUE(CompanyName)%%>', htmlspecialchars($row['CompanyName'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(CompanyName)%%>', urlencode($urow['CompanyName']), $templateCode);
$templateCode = str_replace('<%%VALUE(ContactName)%%>', htmlspecialchars($row['ContactName'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(ContactName)%%>', urlencode($urow['ContactName']), $templateCode);
$templateCode = str_replace('<%%VALUE(ContactTitle)%%>', htmlspecialchars($row['ContactTitle'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(ContactTitle)%%>', urlencode($urow['ContactTitle']), $templateCode);
if ($dvprint) {
$templateCode = str_replace('<%%VALUE(Address)%%>', nl2br(htmlspecialchars($row['Address'], ENT_QUOTES, 'iso-8859-1')), $templateCode);
} else {
$templateCode = str_replace('<%%VALUE(Address)%%>', htmlspecialchars($row['Address'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
}
$templateCode = str_replace('<%%URLVALUE(Address)%%>', urlencode($urow['Address']), $templateCode);
$templateCode = str_replace('<%%VALUE(City)%%>', htmlspecialchars($row['City'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(City)%%>', urlencode($urow['City']), $templateCode);
$templateCode = str_replace('<%%VALUE(Region)%%>', htmlspecialchars($row['Region'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(Region)%%>', urlencode($urow['Region']), $templateCode);
$templateCode = str_replace('<%%VALUE(PostalCode)%%>', htmlspecialchars($row['PostalCode'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(PostalCode)%%>', urlencode($urow['PostalCode']), $templateCode);
$templateCode = str_replace('<%%VALUE(Country)%%>', htmlspecialchars($row['Country'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(Country)%%>', urlencode($urow['Country']), $templateCode);
$templateCode = str_replace('<%%VALUE(Phone)%%>', htmlspecialchars($row['Phone'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(Phone)%%>', urlencode($urow['Phone']), $templateCode);
$templateCode = str_replace('<%%VALUE(Fax)%%>', htmlspecialchars($row['Fax'], ENT_QUOTES, 'iso-8859-1'), $templateCode);
$templateCode = str_replace('<%%URLVALUE(Fax)%%>', urlencode($urow['Fax']), $templateCode);
} else {
$templateCode = str_replace('<%%VALUE(CustomerID)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(CustomerID)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(CompanyName)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(CompanyName)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(ContactName)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(ContactName)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(ContactTitle)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(ContactTitle)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(Address)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(Address)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(City)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(City)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(Region)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(Region)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(PostalCode)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(PostalCode)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(Country)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(Country)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(Phone)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(Phone)%%>', urlencode(''), $templateCode);
$templateCode = str_replace('<%%VALUE(Fax)%%>', '', $templateCode);
$templateCode = str_replace('<%%URLVALUE(Fax)%%>', urlencode(''), $templateCode);
}
// process translations
foreach ($Translation as $symbol => $trans) {
$templateCode = str_replace("<%%TRANSLATION({$symbol})%%>", $trans, $templateCode);
}
// clear scrap
$templateCode = str_replace('<%%', '<!-- ', $templateCode);
$templateCode = str_replace('%%>', ' -->', $templateCode);
// hide links to inaccessible tables
if ($_POST['dvprint_x'] == '') {
$templateCode .= "\n\n<script>\$j(function(){\n";
$arrTables = getTableList();
foreach ($arrTables as $name => $caption) {
$templateCode .= "\t\$j('#{$name}_link').removeClass('hidden');\n";
$templateCode .= "\t\$j('#xs_{$name}_link').removeClass('hidden');\n";
}
$templateCode .= $jsReadOnly;
$templateCode .= $jsEditable;
if (!$selected_id) {
}
$templateCode .= "\n});</script>\n";
}
// ajaxed auto-fill fields
$templateCode .= '<script>';
$templateCode .= '$j(function() {';
$templateCode .= "});";
$templateCode .= "</script>";
$templateCode .= $lookups;
// handle enforced parent values for read-only lookup fields
// don't include blank images in lightbox gallery
$templateCode = preg_replace('/blank.gif" rel="lightbox\\[.*?\\]"/', 'blank.gif"', $templateCode);
// don't display empty email links
$templateCode = preg_replace('/<a .*?href="mailto:".*?<\\/a>/', '', $templateCode);
// hook: customers_dv
if (function_exists('customers_dv')) {
$args = array();
customers_dv($selected_id ? $selected_id : FALSE, getMemberInfo(), $templateCode, $args);
}
return $templateCode;
}
function check_record_permission($table, $id, $perm = 'view')
{
if ($perm != 'edit' && $perm != 'delete') {
$perm = 'view';
}
$perms = getTablePermissions($table);
if (!$perms[$perm]) {
return false;
}
$safe_id = makeSafe($id);
$safe_table = makeSafe($table);
if ($perms[$perm] == 1) {
// own records only
$username = getLoggedMemberID();
$owner = sqlValue("select memberID from membership_userrecords where tableName='{$safe_table}' and pkValue='{$safe_id}'");
if ($owner == $username) {
return true;
}
} elseif ($perms[$perm] == 2) {
// group records
$group_id = getLoggedGroupID();
$owner_group_id = sqlValue("select groupID from membership_userrecords where tableName='{$safe_table}' and pkValue='{$safe_id}'");
if ($owner_group_id == $group_id) {
return true;
}
} elseif ($perms[$perm] == 3) {
// all records
return true;
}
return false;
}
